ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
301 Moved Permanently 169 B URL HTTP/1.1 ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
Analyzer Verdict Alert fortinet Malware
GET /files/9541728_9305885_CSGhost-v4.1.rar HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Wed, 11 Jan 2023 13:45:53 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Expires: Sat, 11 Feb 2023 13:45:53 GMT
Cache-Control: max-age=2678400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17874
Expires: Wed, 11 Jan 2023 18:43:48 GMT
Date: Wed, 11 Jan 2023 13:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3612
Expires: Wed, 11 Jan 2023 14:46:06 GMT
Date: Wed, 11 Jan 2023 13:45:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 13:41:48 GMT
content-type: application/json
age: 246
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d8ccb7b2b89aec333fabc04d37337892
c2a13a42c1bd0cf7ce68d9c13b3d6ba1044b5283
75fcc3ea090454e3489a131b70ab50798fec6a08664745027d7a1cf62c6aba28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FCC3EA090454E3489A131B70AB50798FEC6A08664745027D7A1CF62C6ABA28"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14511
Expires: Wed, 11 Jan 2023 17:47:45 GMT
Date: Wed, 11 Jan 2023 13:45:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OyMPx3ZDOr1EB5zpp8qlEKyylPGBvIIlWFE1+LCUUE8o2bOs0T/k+C4vQTEMyocFTI3Jzz6aQuND73iCikNV9Q==
x-amz-request-id: 9X6YNMSGRB6JZY2P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 13:02:05 GMT
age: 2629
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f99c2684e5b280b42f3552c027c9e24d
08e19be8b08cd9e7bc4435de6d7673bc943ea688
3ede17f1f6a2811eb3d1e9ee31589194e5e81559353172b189f1967858bebced
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EDE17F1F6A2811EB3D1E9EE31589194E5E81559353172B189F1967858BEBCED"
Last-Modified: Tue, 10 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Wed, 11 Jan 2023 19:45:20 GMT
Date: Wed, 11 Jan 2023 13:45:54 GMT
Connection: keep-alive
ezdrop.ru/design/style.css
200 OK 582 B URL HTTP/2 ezdrop.ru/design/style.css
IP
Hash 71b9c199b53668bbcf878cf3cc15669f
2961bf6e3a078ec06e3b9c52b8496b2651dac103
c18e0b51c34da30177cc70a34a265c7033ec49f081dc8ba1f4a976399a0bf812
GET /design/style.css HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: text/css
content-length: 582
last-modified: Fri, 12 Nov 2021 11:47:27 GMT
etag: "618e544f-246"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
200 OK 3.3 kB URL HTTP/2 ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
IP
Hash a651de968581560134c4359e001a9167
b588da300cca1470106634ca69c3ccfaf5ba3fda
ce455fe70b0f4b7396b7f275f1502c721a642972dd5c1d4c04da0b6a9f90e781
Analyzer Verdict Alert fortinet Malware
GET /files/9541728_9305885_CSGhost-v4.1.rar HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ezdrop.ru/design/ext/rar.png
200 OK 1.5 kB URL HTTP/2 ezdrop.ru/design/ext/rar.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a9c27c731607c71f5ae042f56b5ad7c
8802bb8268392cd2c843976c57e864ac1bd56617
2801d37f28ad48937aa606075a23999a1adaa372f6deb2b6d4485a8590ec0bcd
GET /design/ext/rar.png HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: image/png
content-length: 1501
last-modified: Wed, 05 Jan 2022 09:59:01 GMT
etag: "61d56be5-5dd"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ezdrop.ru/design/ext/zip.png
200 OK 973 B URL HTTP/2 ezdrop.ru/design/ext/zip.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c970c210df445dfe3d80b6f03ffb743
c85dd4be91d8681375d7e5c2524f91e016cce3fe
324815527ce0d2f69a452f7458984c3daac7e7de2b37fdfea459ab1b1f94169f
GET /design/ext/zip.png HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: image/png
content-length: 973
last-modified: Wed, 05 Jan 2022 09:53:34 GMT
etag: "61d56a9e-3cd"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ezdrop.ru/design/ext/png.png
200 OK 1.4 kB URL HTTP/2 ezdrop.ru/design/ext/png.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fc515c47f6852f2f7977df85cf4eaa96
7bba16b34567dc83e56165179e1edcd7ec853eed
1a3e5681378a919982e5dd0b10db72c7bc56b4bf44d6cd1dab1541dbfcf47e24
GET /design/ext/png.png HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: image/png
content-length: 1425
last-modified: Thu, 06 Jan 2022 10:55:37 GMT
etag: "61d6caa9-591"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ezdrop.ru/design/ext/mp4.png
200 OK 1.0 kB URL HTTP/2 ezdrop.ru/design/ext/mp4.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c1bc38d1b71f92250c75ae6f82b1026e
ba8e62b90d02766d15a9dd7c74dd23859e0d3a05
7d3b9e4cae948349265c2c3c1066e3dff4f6300ca3e027960255b1604b8f246b
GET /design/ext/mp4.png HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: image/png
content-length: 1048
last-modified: Wed, 05 Jan 2022 09:53:32 GMT
etag: "61d56a9c-418"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ezdrop.ru/design/assets/js/ie10-viewport-bug-workaround.js
200 OK 641 B URL HTTP/2 ezdrop.ru/design/assets/js/ie10-viewport-bug-workaround.js
IP
Hash 90e29070de7dcd28a451465ec74047be
af717e217e39503f4dcaae216218d34540aabf9a
f663fd5d5698e04a8e56de60c13c54abcb6943adcb21c3d5e80866d0eda0604d
Analyzer Verdict Alert fortinet Malware
GET /design/assets/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: application/x-javascript
content-length: 641
last-modified: Fri, 12 Nov 2021 06:25:04 GMT
etag: "618e08c0-281"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 02:19:53 GMT
expires: Sun, 07 Jan 2024 02:19:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 386761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 13:17:24 GMT
age: 1710
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ezdrop.ru/system/icon.png
200 OK 3.3 kB URL HTTP/2 ezdrop.ru/system/icon.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ccaa28d4c80b0f46acec25e294316a2e
7f908283942b432a6ab02c09ecc3e9d6e94d865f
a1c14b7d7cedb5e32519e02aea9b9219a09430361324c20b23b248193968ba0d
GET /system/icon.png HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: image/png
content-length: 3349
last-modified: Fri, 12 Nov 2021 11:57:33 GMT
etag: "618e56ad-d15"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39bf291e57709ceecd07cf4dd5539ecd
e0b3aef8b47e4184fa743345c332f07bd3f7128e
3ee3402a998f6b858ecb1708f7fc42fa5f369abd4334dced3e621cd59cb26494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash cc5cdee3d781c5f07778a86b12880d71
86b0a24701b931786bca743567ad9506fbccb632
c3f9c2b61402dc26a791e95e146eb934aa0cd4c62c7e05c9947316f8dc3a473b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 13:45:55 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 15 Jan 2023 11:37:53 GMT
ETag: "86b0a24701b931786bca743567ad9506fbccb632"
Last-Modified: Wed, 11 Jan 2023 11:37:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3588
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787e1876bb5b0b55-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4316820982514952
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4316820982514952
IP
File type ASCII text, with very long lines (4885)
Hash 00f2586552ec5a40976a3bcb6d9dfec0
d198efb8f12a6910ca6e8b8e8d001065a8c96de4
75e2b1bb6943c69f42f802d0504bce4677ba89b61cf1baffbb290a195186152a
GET /pagead/js/adsbygoogle.js?client=ca-pub-4316820982514952 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ezdrop.ru
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 11 Jan 2023 13:45:54 GMT
expires: Wed, 11 Jan 2023 13:45:54 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9819170926607774085
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ce604e6f88a42844a4ec7d404879bdcf
d462a2a194a67d39d091ff49c4435fdfc39b3e5b
9e0222bcc67f019bb5c61657fc921fc42aa0cd7a75f6b1358d05231c53cc26e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6101
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Last-Modified: Wed, 11 Jan 2023 12:04:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39bf291e57709ceecd07cf4dd5539ecd
e0b3aef8b47e4184fa743345c332f07bd3f7128e
3ee3402a998f6b858ecb1708f7fc42fa5f369abd4334dced3e621cd59cb26494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash b604b44a44140d3e443d1c1c9da02d8d
05407447253dbbd694e67456c6b25b5112bd359d
0dcc105aceee70b68e812bdb6033ab465720efe541259c35f19aa09fadc88bf8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73737
date: Wed, 11 Jan 2023 13:45:55 GMT
access-control-allow-origin: *
etag: "63ae6ee1-12009"
expires: Wed, 11 Jan 2023 14:45:55 GMT
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230109/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230109/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 10 Jan 2023 22:30:26 GMT
expires: Tue, 24 Jan 2023 22:30:26 GMT
cache-control: public, max-age=1209600
age: 54929
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4eVw6CqqetDglJP9pwtemg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qV/1kDZqfbTsM6u6a2N5I7sQ9bc=
mc.yandex.ru/watch/86414434?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
302 Found 471 B URL HTTP/2 mc.yandex.ru/watch/86414434?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
Hash b62c4cff5caed771f4b0d9712fd57933
d61b882d6b59d2162c523efc60c84a46b0ea0671
ff865eac966c662a99fc0e6a5185678174261117cf0c20e4a03bb7e642a54e54
GET /watch/86414434?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ezdrop.ru
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/86414434/1?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 11 Jan 2023 13:45:55 GMT
access-control-allow-origin: https://ezdrop.ru
set-cookie: yabs-sid=943505451673444755; Path=/; SameSite=None; Secure
i=hDAZKnxt3pn+AoEMEDWzPIyxycELkSsRXLWH9VZNW3S6taWbesq5LZaFFcMS3LicxMutua/FUVzb82xgUGW3tHYBbuU=; Expires=Sat, 08-Jan-2033 13:45:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2639059211673444755; Expires=Thu, 11-Jan-2024 13:45:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2639059211673444755; Expires=Thu, 11-Jan-2024 13:45:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1704980755.yc.1673444755#1704980755.yrts.1673444755#1704980755.yrtsi.1673444755; Expires=Thu, 11-Jan-2024 13:45:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 11-Jan-2023 13:45:55 GMT
last-modified: Wed, 11-Jan-2023 13:45:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ee335bb2a20e83a137dedff2ff1f54b7
388a3728c5900302ff6cf2f1e27bcb12e8896b05
9ebf03e142fa0c5477430d456f614d9cea75229b2b3aa8643e0051e0fe760476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 66b50d58ebed379dc4f68b02c92f59d2
635df6d7900149fd2ce567c9d56f14ee71bb2b41
8092144e087cea4ee21d2a00fa5488225063f57d821ae9fdebe12c4478b08fc5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ezdrop.ru&callback=_gfp_s_&client=ca-pub-4316820982514952&gpid_exp=1
200 OK 248 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ezdrop.ru&callback=_gfp_s_&client=ca-pub-4316820982514952&gpid_exp=1
IP
File type ASCII text, with very long lines (385), with no line terminators
Hash ab0a7ee8692f6463218cfc5ffda4c7d7
9adb1e7d733316f8af9f70d16d1ed99e8734d6da
07fa3d475517f87e3c45919e1cccc553bfef930ded6c9b40f407c895d45e6b11
GET /gampad/cookie.js?domain=ezdrop.ru&callback=_gfp_s_&client=ca-pub-4316820982514952&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 11 Jan 2023 13:45:55 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=ezdrop.ru
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=ezdrop.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ezdrop.ru HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 11 Jan 2023 13:45:55 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=ezdrop.ru
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ezdrop.ru
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ezdrop.ru HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 11 Jan 2023 13:45:55 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b62c4cff5caed771f4b0d9712fd57933
d61b882d6b59d2162c523efc60c84a46b0ea0671
ff865eac966c662a99fc0e6a5185678174261117cf0c20e4a03bb7e642a54e54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 11 Jan 2023 13:45:55 GMT
access-control-allow-origin: *
etag: "63ae6ee1-2b"
expires: Wed, 11 Jan 2023 14:45:55 GMT
accept-ranges: bytes
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ee335bb2a20e83a137dedff2ff1f54b7
388a3728c5900302ff6cf2f1e27bcb12e8896b05
9ebf03e142fa0c5477430d456f614d9cea75229b2b3aa8643e0051e0fe760476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/86414434/1?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/86414434/1?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash da31cd1d6f7e0f46a93a6bb3a65610fd
366c1f024a60fe6ecc02bcb9fc6ee0f3ddc539a9
19cb3226ddf9a5bdc610e3ac33a12aa0c670b880f46bb59c8604969832dd135c
GET /watch/86414434/1?wmode=7&page-url=https%3A%2F%2Fezdrop.ru%2Ffiles%2F9541728_9305885_CSGhost-v4.1.rar&charset=utf-8&browser-info=pv%3A1%3Avf%3Awy278c4xrecmji309n1ev%3Afp%3A1183%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A1589460536390%3Ahid%3A425982943%3Az%3A0%3Ai%3A20230111134540%3Aet%3A1673444741%3Ac%3A1%3Arn%3A378111604%3Arqn%3A1%3Au%3A1673444741754342434%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C236%2C33%2C0%2C361%2C0%2C%2C469%2C4%2C%2C%2C%2C1170%3Aco%3A0%3Ans%3A1673444739341%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673444741%3At%3AEzDrop.ru%20-%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D0%BE%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ezdrop.ru
Referer: https://ezdrop.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Wed, 11 Jan 2023 13:45:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://ezdrop.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 11-Jan-2023 13:45:55 GMT
last-modified: Wed, 11-Jan-2023 13:45:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 66b50d58ebed379dc4f68b02c92f59d2
635df6d7900149fd2ce567c9d56f14ee71bb2b41
8092144e087cea4ee21d2a00fa5488225063f57d821ae9fdebe12c4478b08fc5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230109&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230109&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14486), with no line terminators
Hash ce0aca080beacf75b2b0981584c60c8c
bb6a446694ff106eca8a82cef73d9b66f5375d8a
45dafd9fe8cada2e49d0d9f3ea5b65df6f335f6bd20d941353dca76ac6a622f7
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230109&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ezdrop.ru
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 11 Jan 2023 13:45:55 GMT
server: cafe
content-length: 10934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ba142e4ef5b32495ebc02d58adb74fed
9d17bf11138bfba4ccbd2d4adb700264ad7ae921
2a6012b10e8fda6c47827ff0e35ecab352ec442614716cd0a4d7173825b914ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 11 Jan 2023 13:45:55 GMT
expires: Wed, 11 Jan 2023 13:45:55 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 16:50:05 GMT
expires: Sat, 06 Jan 2024 16:50:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 420950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2da3b486ca4157f939fdd364b2c8080
4de00ad19b0d0f3ecdd0bc0ebb524248171cf6ab
a954aaa0653697da62950a7b741340d2703f53f081fdf5a651b385477828bd98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
IP
File type ASCII text, with very long lines (36169)
Hash 8054b79568a6047989e97a8e3f607299
b06bf98d1565297eec2ac5514b8c007eebb5dd54
feb248232edf7f5d539f31560d4153cc6ecca1277992a73e44f37ce98a75bd95
GET /bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16068
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 01:48:38 GMT
expires: Sun, 07 Jan 2024 01:48:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
content-type: text/javascript
age: 388637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9d3d631f824642942edba0387cf019a5
e7605d850d2687eb211769bd17ef706e35845f69
c17f2b3cfedc60003482a6c9f3a692b9a052ae63bd873c28b9532416a1f0b279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 13:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash dee81c035b6a260dea57e286a672db9b
54983ab1abee037e3389dfab7befb736580125f4
09377325a362eb0c160eca7db2e1f50589b680aca8487bde2380bcd16e551077
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 11 Jan 2023 13:45:55 GMT
date: Wed, 11 Jan 2023 13:45:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-_w7gVBgARgspdtUeJu_E6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230109&jk=1790255147835974&rc=
204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230109&jk=1790255147835974&rc=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230109&jk=1790255147835974&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 13:45:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7250
Expires: Wed, 11 Jan 2023 15:46:46 GMT
Date: Wed, 11 Jan 2023 13:45:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7250
Expires: Wed, 11 Jan 2023 15:46:46 GMT
Date: Wed, 11 Jan 2023 13:45:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7250
Expires: Wed, 11 Jan 2023 15:46:46 GMT
Date: Wed, 11 Jan 2023 13:45:56 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230109&jk=1790255147835974&bg=!Q0ClQATNAAYDMoyoIzI7ACkAdvg8WqKLprYk-GRjyLYKqh9THT7KUwmvrlJDDJtvEBO0P1HIW-2sQAIAAACgUgAAAARoAQcKAQHd_hYzdYvaSntRGqysH4fJzwiRGZkjYuZu8N7z6KfKmNPmadczBUnNFaPGrGIRQ3-Ju6YIZDnzx47I0yl69RdUhtiZl3IUTq3Ql3iMloo7I5NRBDfxWzuK00BdiMPW1N89XaWtEULV-b0ir8NIeHBPbmGOf73z2gbd02l2i1lItFuad9YDpR5SdkGPxNkfA4_JSnophukT65dZYfvL2qp-8fPxfYqNcKsZGo1qxUvxyyVSqFbVgefru7wjjyNDRkDffygBncDS6Qo8cvWHhPjMeI-YCLCQylmDEsJ0VhLHGe1zm0T95BSEfequAlbkLZhjeISEkuinv6VHIdWfkfy8GpkCe_zDZUQPeqj_sB0e2jJhZakXe86GWs31h9g2Q-swgLdoN_Y-ctwIAFCN_TqOaExquzigD9MHybgablzcSJzkxxN_611xN1mHLMnVf6mq_opTEnR6jq-GM1PtDLCxVKrKxTG7nRPpmnBYkpEg40eHbBh9vzIqVDJKkkEhHDlqFwrd7qkHpv2K5AZFZM4flX_zw89jCZI25zoqnjVpHgU3Lvhu6QvdUXIF6uLR_sSGxA34bwcqD7QKQOOIUrtNDanaSoqXNu8jnqslS1KrDC6QKTMmFj92bJfIf864kXDpJ8apsKIas0a__fTxKkwJwalcak6pn9IH88ZD1eLvlOoosxQFlkBlziW6Irtp3XekbIIAASDrirv7WBvppdzHm7QXSCh0A3DkTNezOLuFzzJRqK0yY-dD7do87Kv5Z0MQw14ueanLF0x-vdD2NodWSBMODVDOep2-4M_TtC6e_W4dvKyrPUPFyPQ2Fl4uH8lnxCK-7i6tkGDn48thn5G6LxaXQSq4KT6YxQoatQJYK6OAFRPGHfgFQznSP2bVgu-PLqCRe6a_PVC3GqvN7_BobR4cCmkWrYcmLugcN-uy2TXvXmtqwS0w9vNyg3sjC8FFINMJR-uzwvo2wneDpjgdjABvoiqqk8j9oEB9EAXN2h-lY0Cw6RAGn8t2aVoQxb_KtFljCW6ZjVE1IhXyvPAdQ466W-1-OCEnqz132ARkJ2kpWpaJqEalc-eVitXVqk6_slG33lRLHFWpFms711uKeYPM6JUgNZomF5SIrFMD_vkR-1AVgEyfdyWU1gSoxMV6sNP13-kn3dxADQ06r9TuQt4j3rYTGoiFLPyZUHmV
204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230109&jk=1790255147835974&bg=!Q0ClQATNAAYDMoyoIzI7ACkAdvg8WqKLprYk-GRjyLYKqh9THT7KUwmvrlJDDJtvEBO0P1HIW-2sQAIAAACgUgAAAARoAQcKAQHd_hYzdYvaSntRGqysH4fJzwiRGZkjYuZu8N7z6KfKmNPmadczBUnNFaPGrGIRQ3-Ju6YIZDnzx47I0yl69RdUhtiZl3IUTq3Ql3iMloo7I5NRBDfxWzuK00BdiMPW1N89XaWtEULV-b0ir8NIeHBPbmGOf73z2gbd02l2i1lItFuad9YDpR5SdkGPxNkfA4_JSnophukT65dZYfvL2qp-8fPxfYqNcKsZGo1qxUvxyyVSqFbVgefru7wjjyNDRkDffygBncDS6Qo8cvWHhPjMeI-YCLCQylmDEsJ0VhLHGe1zm0T95BSEfequAlbkLZhjeISEkuinv6VHIdWfkfy8GpkCe_zDZUQPeqj_sB0e2jJhZakXe86GWs31h9g2Q-swgLdoN_Y-ctwIAFCN_TqOaExquzigD9MHybgablzcSJzkxxN_611xN1mHLMnVf6mq_opTEnR6jq-GM1PtDLCxVKrKxTG7nRPpmnBYkpEg40eHbBh9vzIqVDJKkkEhHDlqFwrd7qkHpv2K5AZFZM4flX_zw89jCZI25zoqnjVpHgU3Lvhu6QvdUXIF6uLR_sSGxA34bwcqD7QKQOOIUrtNDanaSoqXNu8jnqslS1KrDC6QKTMmFj92bJfIf864kXDpJ8apsKIas0a__fTxKkwJwalcak6pn9IH88ZD1eLvlOoosxQFlkBlziW6Irtp3XekbIIAASDrirv7WBvppdzHm7QXSCh0A3DkTNezOLuFzzJRqK0yY-dD7do87Kv5Z0MQw14ueanLF0x-vdD2NodWSBMODVDOep2-4M_TtC6e_W4dvKyrPUPFyPQ2Fl4uH8lnxCK-7i6tkGDn48thn5G6LxaXQSq4KT6YxQoatQJYK6OAFRPGHfgFQznSP2bVgu-PLqCRe6a_PVC3GqvN7_BobR4cCmkWrYcmLugcN-uy2TXvXmtqwS0w9vNyg3sjC8FFINMJR-uzwvo2wneDpjgdjABvoiqqk8j9oEB9EAXN2h-lY0Cw6RAGn8t2aVoQxb_KtFljCW6ZjVE1IhXyvPAdQ466W-1-OCEnqz132ARkJ2kpWpaJqEalc-eVitXVqk6_slG33lRLHFWpFms711uKeYPM6JUgNZomF5SIrFMD_vkR-1AVgEyfdyWU1gSoxMV6sNP13-kn3dxADQ06r9TuQt4j3rYTGoiFLPyZUHmV
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230109&jk=1790255147835974&bg=!Q0ClQATNAAYDMoyoIzI7ACkAdvg8WqKLprYk-GRjyLYKqh9THT7KUwmvrlJDDJtvEBO0P1HIW-2sQAIAAACgUgAAAARoAQcKAQHd_hYzdYvaSntRGqysH4fJzwiRGZkjYuZu8N7z6KfKmNPmadczBUnNFaPGrGIRQ3-Ju6YIZDnzx47I0yl69RdUhtiZl3IUTq3Ql3iMloo7I5NRBDfxWzuK00BdiMPW1N89XaWtEULV-b0ir8NIeHBPbmGOf73z2gbd02l2i1lItFuad9YDpR5SdkGPxNkfA4_JSnophukT65dZYfvL2qp-8fPxfYqNcKsZGo1qxUvxyyVSqFbVgefru7wjjyNDRkDffygBncDS6Qo8cvWHhPjMeI-YCLCQylmDEsJ0VhLHGe1zm0T95BSEfequAlbkLZhjeISEkuinv6VHIdWfkfy8GpkCe_zDZUQPeqj_sB0e2jJhZakXe86GWs31h9g2Q-swgLdoN_Y-ctwIAFCN_TqOaExquzigD9MHybgablzcSJzkxxN_611xN1mHLMnVf6mq_opTEnR6jq-GM1PtDLCxVKrKxTG7nRPpmnBYkpEg40eHbBh9vzIqVDJKkkEhHDlqFwrd7qkHpv2K5AZFZM4flX_zw89jCZI25zoqnjVpHgU3Lvhu6QvdUXIF6uLR_sSGxA34bwcqD7QKQOOIUrtNDanaSoqXNu8jnqslS1KrDC6QKTMmFj92bJfIf864kXDpJ8apsKIas0a__fTxKkwJwalcak6pn9IH88ZD1eLvlOoosxQFlkBlziW6Irtp3XekbIIAASDrirv7WBvppdzHm7QXSCh0A3DkTNezOLuFzzJRqK0yY-dD7do87Kv5Z0MQw14ueanLF0x-vdD2NodWSBMODVDOep2-4M_TtC6e_W4dvKyrPUPFyPQ2Fl4uH8lnxCK-7i6tkGDn48thn5G6LxaXQSq4KT6YxQoatQJYK6OAFRPGHfgFQznSP2bVgu-PLqCRe6a_PVC3GqvN7_BobR4cCmkWrYcmLugcN-uy2TXvXmtqwS0w9vNyg3sjC8FFINMJR-uzwvo2wneDpjgdjABvoiqqk8j9oEB9EAXN2h-lY0Cw6RAGn8t2aVoQxb_KtFljCW6ZjVE1IhXyvPAdQ466W-1-OCEnqz132ARkJ2kpWpaJqEalc-eVitXVqk6_slG33lRLHFWpFms711uKeYPM6JUgNZomF5SIrFMD_vkR-1AVgEyfdyWU1gSoxMV6sNP13-kn3dxADQ06r9TuQt4j3rYTGoiFLPyZUHmV HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 11 Jan 2023 13:45:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c4ffc65-7035-4590-abf6-1cd83a378555.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c4ffc65-7035-4590-abf6-1cd83a378555.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5c59f4afbd783b6c11aae5d108c137d
602bfe875d5d35dd41c658c3073446270ffd611d
a26f78ab6de99533047fac6e43c40b12d556a4945dbf20093f996af96a65e593
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c4ffc65-7035-4590-abf6-1cd83a378555.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7356
x-amzn-requestid: 39459924-579a-4b2b-a909-b10ab074c195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efocvEZUoAMFrVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8784-6c2cb2f4681c9e541ceefffb;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wV-uvTkOQUSv_VgvZuc5YeMfE0LKnWicGnF0FToyloysdrPwYqm71g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:53:48 GMT
age: 57128
etag: "602bfe875d5d35dd41c658c3073446270ffd611d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4869fe48-260f-46c9-81a4-5ac67e647443.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4869fe48-260f-46c9-81a4-5ac67e647443.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a241015ff8d404c1837655539fc53ed
6dc1b2fd2ef31f12d95e912ed56316c2fb01ae35
c289b877f9e66a830ec4effffd411d1e1a251aac2fa82ac80bee8369bce1748b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4869fe48-260f-46c9-81a4-5ac67e647443.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8772
x-amzn-requestid: 0d049342-a984-487a-b48b-862704fa3d5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei8QdFKXIAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdda69-1caef78222b6470241e7db53;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aE4f4yuWkPLj8UAKwg4efQzzP1fI9fcXpv2AG2ZJZxMVx920yqqbQg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:49:25 GMT
age: 57391
etag: "6dc1b2fd2ef31f12d95e912ed56316c2fb01ae35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35ee3a36f2d56adfa27324f734f8f7fc
6ec36e85e464004c5e6255739e962e6dcc4c24c6
6cedd3770eb8879c837799d36ebca9d631789d972d3631d730829fc5d64abb25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad96383c-d707-4b10-ad6c-110acc0ed5e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8024
x-amzn-requestid: b331ee66-c166-4fa6-b950-287134d07fa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ6EM0oAMFQFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-39ff669b44e3dd9339daa56b;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Fk214iXw9pGVhIOu0uwvDOrqHR-pOjicJOttxjMb0JDhxXbfpyRncg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 07:54:43 GMT
age: 21073
etag: "6ec36e85e464004c5e6255739e962e6dcc4c24c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 15:34:57 GMT
age: 79859
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a708649e0d6b128eb599b221445a8e06
59f9b06ee8e4c9608e29e7b19832fb925789f373
b4e17cfdee53b56ac33cb5a86253e4839ed7bd9bb1604209834bb22d881472f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe61553-0d3d-4c00-8e9b-da1405590a9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7140
x-amzn-requestid: 96450c55-6068-4946-9e5f-650c19d2772a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei739GoJIAMF0lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-2bf965d47a10fd61619d945f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t5mK-tl3WskwkQLUXPKR2ljEW32-Yo6_BHwqP2dNVUr09WoMyxYeZw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:42:06 GMT
age: 57830
etag: "59f9b06ee8e4c9608e29e7b19832fb925789f373"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56de8a53fb494855ff7717eeb39c1fed
438999ac8d0853e235a2c0e0f404291961c891ab
357db338b2f6fcf434bdd9c2561f91d3fc7e5d42a92e5068402ce3eeb6fba412
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faabf1f2c-deb1-4d58-9ee6-5dd522512882.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6400
x-amzn-requestid: f76c3961-a118-4639-a943-2ffbd3d28537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaD7hEEdoAMFs5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba4d16-3881379864dcae085aa4fd4d;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:56:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmS2bnkBSYTi7rEZuQ_frZ6GwU-PHrD3GfDXv7rDkp_ytjR7c9FhWw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 11 Jan 2023 09:00:56 GMT
age: 17100
etag: "438999ac8d0853e235a2c0e0f404291961c891ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ezdrop.ru/design/assets/js/ie-emulation-modes-warning.js
200 OK 0 B URL HTTP/2 ezdrop.ru/design/assets/js/ie-emulation-modes-warning.js
IP
Analyzer Verdict Alert fortinet Malware
GET /design/assets/js/ie-emulation-modes-warning.js HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 06:25:04 GMT
vary: Accept-Encoding
etag: W/"618e08c0-852"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2
ezdrop.ru/design/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 ezdrop.ru/design/css/bootstrap.min.css
IP
GET /design/css/bootstrap.min.css HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: text/css
last-modified: Fri, 12 Nov 2021 06:25:04 GMT
vary: Accept-Encoding
etag: W/"618e08c0-1f3f9"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2
ezdrop.ru/design/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 ezdrop.ru/design/js/bootstrap.min.js
IP
Analyzer Verdict Alert fortinet Malware
GET /design/js/bootstrap.min.js HTTP/1.1
Host: ezdrop.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ezdrop.ru/files/9541728_9305885_CSGhost-v4.1.rar
Cookie: PHPSESSID=dd114bfa26ac58aa702fd5f7f66b2c1a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.1
date: Wed, 11 Jan 2023 13:45:54 GMT
content-type: application/x-javascript
last-modified: Fri, 12 Nov 2021 06:25:05 GMT
vary: Accept-Encoding
etag: W/"618e08c1-8fd0"
expires: Sat, 11 Feb 2023 13:45:54 GMT
cache-control: max-age=2678400
content-encoding: gzip
X-Firefox-Spdy: h2
5.23.50.50
52.89.193.125
93.184.220.29
23.33.119.27
104.18.20.226