7f430e2192d1141e9a3ee2d6c63155fb07e8cdcbc4802293588b485f6b993dcf

Analysis

max time kernel
149s
max time network
151s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13/05/2024, 22:32 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3cd70cd993078df2be2c1d9157e955fb_JaffaCakes118.html
Size

205KB
MD5

3cd70cd993078df2be2c1d9157e955fb
SHA1

44c49bf68095f6cfc5e817acbd9d075e64668dae
SHA256

7f430e2192d1141e9a3ee2d6c63155fb07e8cdcbc4802293588b485f6b993dcf
SHA512

3fccd6c31283c16d0aa5592a67473165754f7ac58104f3e9a21c675309f3a0754be7bdd298e567f758591981ace3d88a901adc3890996e99583b22c3e48a5102
SSDEEP

6144:b+w3cIIIW3G4k5QhL8atV7iVQ5MIsuQyf5bTM+MdBXpKgXpgx4t4jO9mge/bE6zC:iicDd3G4k5QhL8attiwMIsuQyf5bTM+C

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d014898f85a5da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B8A5F3B1-1178-11EF-878B-CAFA5A0A62FD} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421801434"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002dcc56832ee45b40af0f973e997a3e3e00000000020000000000106600000001000020000000b32389bcf6f71f32d27655d6f5793ab3895939189d1ee4f5041d8ab61421d736000000000e80000000020000200000006157aaa20311f4bb9c028f225c8b4d05fc44334564f3e308212c9183bec0146c9000000025bc4006660b105e8e02e08a07469cf04b9c71fcc2575f22ba7e4998ef56ae3948f0b7e982be2fa6272faad695b98bcaa9cba13d7e682ab01a3b75185e0dfec0d95c23f08e135d49443fa49d20e08d58229e4f378fe81515788b7ec1ef06a4c6472abb76f9b8244574f0922e61116a547d9a98a4e7df0a46cfed7a18ee37b109f1da35cef3e409457c271d3e54d9d47940000000b60e65e609841df834a9224f33ec910005e84e2a2fa8d14b053e663d9090b8bd59c044acf9f47959d0571d77aa0524684fefdf3848342c60ce45a895f146700d	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000002dcc56832ee45b40af0f973e997a3e3e00000000020000000000106600000001000020000000ab2fdbe26a629b00b3c9e280b6e3fd38c965cb5802e3bd49d675c6684eece2c5000000000e8000000002000020000000215b054ba261016df36a1bf2cb30bb6a3fd78739cec875243b273d435e528600200000003d3530bd4798a3925e937c93f7a4b8743ec63d6392795477faea8feef7c577b440000000cb4159ee1abeef59ba692fe2e0f5ff0c1feab7dc5f37dacf1f2ab775065974c50c34cc7051dca83d5a0b8675dbd45599e50568a6a1ac6ee47e2ac35332048566	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1948	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1948	iexplore.exe
1948	iexplore.exe
2624	IEXPLORE.EXE
2624	IEXPLORE.EXE
2624	IEXPLORE.EXE
2624	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1948 wrote to memory of 2624	1948	iexplore.exe	28
PID 1948 wrote to memory of 2624	1948	iexplore.exe	28
PID 1948 wrote to memory of 2624	1948	iexplore.exe	28
PID 1948 wrote to memory of 2624	1948	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\3cd70cd993078df2be2c1d9157e955fb_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1948
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1948 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2624

Network

DNS

ajax.googleapis.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.75.234
DNS

4.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

4.bp.blogspot.com

IN A

Response

4.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

www.blogger.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
DNS

apis.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.75.238
DNS

resources.blogblog.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

resources.blogblog.com

IN A

Response

resources.blogblog.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
DNS

3.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

1.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

1.bp.blogspot.com

IN A

Response

1.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

platform.twitter.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

cs472.wac.edgecastcdn.net

cs472.wac.edgecastcdn.net

IN CNAME

cs1-apr-8315.wac.edgecastcdn.net

cs1-apr-8315.wac.edgecastcdn.net

IN CNAME

wac.apr-8315.edgecastdns.net

wac.apr-8315.edgecastdns.net

IN CNAME

cs1-lb-eu.8315.ecdns.net

cs1-lb-eu.8315.ecdns.net

IN CNAME

cs41.wac.edgecastcdn.net

cs41.wac.edgecastcdn.net

IN A

93.184.220.66
DNS

static.addtoany.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

static.addtoany.com

IN A

Response

static.addtoany.com

IN A

104.22.71.197

static.addtoany.com

IN A

172.67.39.148

static.addtoany.com

IN A

104.22.70.197
DNS

2.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

2.bp.blogspot.com

IN A

Response

2.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

IEXPLORE.EXE

Remote address:

142.250.75.234:443

Request

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 17:45:32 GMT
Expires: Fri, 09 May 2025 17:45:32 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 362837
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://4.bp.blogspot.com/-T73sjK5SWWM/Vuz21AzxmxI/AAAAAAAAGPE/FPmb1sQEEaUbmfXHIYMaxOUA2ZZf0y4Tw/s320/ernest-prakasa%2B%25282%2529.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-T73sjK5SWWM/Vuz21AzxmxI/AAAAAAAAGPE/FPmb1sQEEaUbmfXHIYMaxOUA2ZZf0y4Tw/s320/ernest-prakasa%2B%25282%2529.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f7"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ernest-prakasa (2).jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 18843
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://4.bp.blogspot.com/-G1Yz6acDSxM/Vxs7O_TTOHI/AAAAAAAAHHo/8_owo5RcapU29d5Ox5KR_fK0FBJjUo7WACK4B/s50-c/zVbFbLTS.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-G1Yz6acDSxM/Vxs7O_TTOHI/AAAAAAAAHHo/8_owo5RcapU29d5Ox5KR_fK0FBJjUo7WACK4B/s50-c/zVbFbLTS.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1c85"
Expires: Tue, 14 May 2024 22:32:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="zVbFbLTS.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:52 GMT
Server: fife
Content-Length: 1948
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-T14IWVMC27s/Vuz24_K9klI/AAAAAAAAGPU/37oJQY4H998FKtHYXNtgl3ND2bUNic0UQ/s320/1476889441_20130709.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-T14IWVMC27s/Vuz24_K9klI/AAAAAAAAGPU/37oJQY4H998FKtHYXNtgl3ND2bUNic0UQ/s320/1476889441_20130709.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f7"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1476889441_20130709.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 20327
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-XF5u0vt5ywg/Vuk-IQ-WHzI/AAAAAAAAGGc/7HAfZljT2dcnEf9o5NM_DCxSRyFAr_uXA/w72-h72-p-k-no-nu/RA%2BKartini.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-XF5u0vt5ywg/Vuk-IQ-WHzI/AAAAAAAAGGc/7HAfZljT2dcnEf9o5NM_DCxSRyFAr_uXA/w72-h72-p-k-no-nu/RA%2BKartini.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v186a"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="RA Kartini.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 3160
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-RUo-iAHCUck/Vuz2dpTC53I/AAAAAAAAGOs/itOY9fGAPCMBzBJizEaqyhjeQzN5mZWaQ/s320/p28-aernest_0.img_assist_custom-517x500.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-RUo-iAHCUck/Vuz2dpTC53I/AAAAAAAAGOs/itOY9fGAPCMBzBJizEaqyhjeQzN5mZWaQ/s320/p28-aernest_0.img_assist_custom-517x500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f6"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="p28-aernest_0.img_assist_custom-517x500.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 19111
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-4KFZ_3UHdHQ/VyWXagapsBI/AAAAAAAAHQ8/TH193VrQmJ48eRkNson_3hcUA6W28z6CQCK4B/s50-c/IMG_5002.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-4KFZ_3UHdHQ/VyWXagapsBI/AAAAAAAAHQ8/TH193VrQmJ48eRkNson_3hcUA6W28z6CQCK4B/s50-c/IMG_5002.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1d12"
Expires: Tue, 14 May 2024 22:32:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_5002.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:52 GMT
Server: fife
Content-Length: 2063
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-g4iUfr_iHI0/Vuz225irM5I/AAAAAAAAGPM/TBtH2ClU7hUUQE1qZnfTrzd5k2bzJ6fGg/s320/enrnestcov.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-g4iUfr_iHI0/Vuz225irM5I/AAAAAAAAGPM/TBtH2ClU7hUUQE1qZnfTrzd5k2bzJ6fGg/s320/enrnestcov.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f7"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="enrnestcov.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 25190
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-0DMJIbxfJxE/VxwbGwn_EbI/AAAAAAAAHME/Vx0jGNrHIncap0Wg4sejmIHcPxbMzfZuQCK4B/s50-c/Bfy4sgxCAAETGwj.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-0DMJIbxfJxE/VxwbGwn_EbI/AAAAAAAAHME/Vx0jGNrHIncap0Wg4sejmIHcPxbMzfZuQCK4B/s50-c/Bfy4sgxCAAETGwj.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1ccc"
Expires: Tue, 14 May 2024 22:32:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Bfy4sgxCAAETGwj.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:52 GMT
Server: fife
Content-Length: 2303
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://4.bp.blogspot.com/-XkOzVr1YmwM/VtLPlu-9l7I/AAAAAAAAFvg/ZShD-Ry8SHg/s1600-r/BiodataPedia22.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-XkOzVr1YmwM/VtLPlu-9l7I/AAAAAAAAFvg/ZShD-Ry8SHg/s1600-r/BiodataPedia22.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v16fa"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="BiodataPedia22.png"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 9019
X-XSS-Protection: 0
GET

https://4.bp.blogspot.com/-MCVXyptW44g/Vuz2zuuvPjI/AAAAAAAAGO8/C7JZPD6U380YAzjCj6N5Goeh0y3SaoAQQ/s320/ernest-prakasa%2B%25281%2529.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-MCVXyptW44g/Vuz2zuuvPjI/AAAAAAAAGO8/C7JZPD6U380YAzjCj6N5Goeh0y3SaoAQQ/s320/ernest-prakasa%2B%25281%2529.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f7"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ernest-prakasa (1).jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 14458
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://4.bp.blogspot.com/-WIwndMOYHNw/VydE4L2K9HI/AAAAAAAAHUI/7f3dMa-h6dkh7GNLplDooueHiQ11NnpEwCK4B/s50-c/1fR60Sm2.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-WIwndMOYHNw/VydE4L2K9HI/AAAAAAAAHUI/7f3dMa-h6dkh7GNLplDooueHiQ11NnpEwCK4B/s50-c/1fR60Sm2.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1d4d"
Expires: Tue, 14 May 2024 22:32:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1fR60Sm2.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:52 GMT
Server: fife
Content-Length: 2681
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://platform.twitter.com/widgets.js

IEXPLORE.EXE

Remote address:

93.184.220.66:80

Request

GET /widgets.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: platform.twitter.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1032
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 13 May 2024 22:32:48 GMT
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27597
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5140630214149183968&zx=c91180a7-a0b5-4720-a1bc-375eb593d65e

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /dyn-css/authorization.css?targetBlogID=5140630214149183968&zx=c91180a7-a0b5-4720-a1bc-375eb593d65e HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:32:49 GMT
Last-Modified: Mon, 13 May 2024 22:32:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/jsbin/322573858-cmt.js

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/jsbin/322573858-cmt.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=MwSUvmAIBIabpu7ROlD-4WFfKAqtmxaTcJK6yOAVv5g

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 34701
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 08 May 2024 08:19:56 GMT
Expires: Thu, 08 May 2025 08:19:56 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 08 May 2024 07:54:36 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 483176
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA HTTP/1.1
Accept: */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1#%7B%22color%22%3A%22rgb(0%2C%200%2C%200)%22%2C%22backgroundColor%22%3A%22rgb(241%2C%20241%2C%20241)%22%2C%22unvisitedLinkColor%22%3A%22rgb(52%2C%20152%2C%20219)%22%2C%22fontFamily%22%3A%22%5C%22Roboto_Regular%5C%22%2C%20%5C%22Roboto%5C%22%2C%20%5C%22Roboto%20Regular%5C%22%2C%20%5C%22Franklin%20Gothic%20Medium%5C%22%2C%20%5C%22Franklin%20Gothic%20Book%5C%22%2C%20%5C%22Lucida%20Sans%5C%22%2C%20%5C%22Lucida%20Sans%20Unicode%5C%22%2C%20%5C%22Helmet%2CFreesans%5C%22%2C%20%5C%22Sans-Serif%5C%22%22%7D
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=MwSUvmAIBIabpu7ROlD-4WFfKAqtmxaTcJK6yOAVv5g

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:32:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://1.bp.blogspot.com/-F-PumyT1ATU/Vuz2oFQCJ3I/AAAAAAAAGO0/G_CMqW9CDJ0wiHrkTSTKH8kd2lG1l5ghw/s320/ernest-prakasa.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-F-PumyT1ATU/Vuz2oFQCJ3I/AAAAAAAAGO0/G_CMqW9CDJ0wiHrkTSTKH8kd2lG1l5ghw/s320/ernest-prakasa.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f7"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ernest-prakasa.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 25403
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-RQP6_W0HRPg/VyWdjDtt18I/AAAAAAAAHRw/yAk1Y9X_7vkOk7kEaXaCqN1I3_mslD_PACK4B/s50-c/marsha-aruan.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-RQP6_W0HRPg/VyWdjDtt18I/AAAAAAAAHRw/yAk1Y9X_7vkOk7kEaXaCqN1I3_mslD_PACK4B/s50-c/marsha-aruan.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1d28"
Expires: Tue, 14 May 2024 22:32:52 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="marsha-aruan.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:52 GMT
Server: fife
Content-Length: 2748
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-K0LBewWRbyA/VuljXbbY0oI/AAAAAAAAGHM/uW9bYuAF2YMuQT02ghTYY6HIfyoJYgbDw/w72-h72-p-k-no-nu/Biografi%2BPahlawan%2BNasional%2BJendral%2BSudirman.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-K0LBewWRbyA/VuljXbbY0oI/AAAAAAAAGHM/uW9bYuAF2YMuQT02ghTYY6HIfyoJYgbDw/w72-h72-p-k-no-nu/Biografi%2BPahlawan%2BNasional%2BJendral%2BSudirman.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1876"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Biografi Pahlawan Nasional Jendral Sudirman.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 2522
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-LgumVOOiE18/Vuqch1VTKxI/AAAAAAAAGJI/pxNz4Cmqc4U8rwmDQFJHRQJfWiN9X6fyw/w72-h72-p-k-no-nu/083609400_1430971931-header.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-LgumVOOiE18/Vuqch1VTKxI/AAAAAAAAGJI/pxNz4Cmqc4U8rwmDQFJHRQJfWiN9X6fyw/w72-h72-p-k-no-nu/083609400_1430971931-header.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1894"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="083609400_1430971931-header.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 2281
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://static.addtoany.com/menu/page.js

IEXPLORE.EXE

Remote address:

104.22.71.197:80

Request

GET /menu/page.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.addtoany.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Mon, 13 May 2024 22:32:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 13 May 2024 23:32:48 GMT
Location: https://static.addtoany.com/menu/page.js
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 88361b49af236673-AMS
alt-svc: h3=":443"; ma=86400
GET

https://www.blogger.com/static/v1/jsbin/2567313873-comment_from_post_iframe.js

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/jsbin/2567313873-comment_from_post_iframe.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 4392
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 12 May 2024 19:36:35 GMT
Expires: Mon, 12 May 2025 19:36:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 19 Nov 2018 19:29:15 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 96974
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/widgets/254310735-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/254310735-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 7524
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 11 May 2024 02:36:31 GMT
Expires: Sun, 11 May 2025 02:36:31 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 05 Mar 2019 03:12:59 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 244578
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/widgets/401488378-widgets.js

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/401488378-widgets.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 52240
Date: Mon, 13 May 2024 22:32:49 GMT
Expires: Tue, 13 May 2025 22:32:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 22 Oct 2018 22:19:32 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/navbar.g?targetBlogID=5140630214149183968&blogName=Biodatapedia.com&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.biodatapedia.com/search&blogLocale=in&v=2&homepageUrl=http://www.biodatapedia.com/&targetPostID=2550669472333206486&blogPostOrPageUrl=http://www.biodatapedia.com/2016/03/biodata-dan-profil-lengkap-ernest-prakasa.html&vt=-719121598573444004&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /navbar.g?targetBlogID=5140630214149183968&blogName=Biodatapedia.com&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.biodatapedia.com/search&blogLocale=in&v=2&homepageUrl=http://www.biodatapedia.com/&targetPostID=2550669472333206486&blogPostOrPageUrl=http://www.biodatapedia.com/2016/03/biodata-dan-profil-lengkap-ernest-prakasa.html&vt=-719121598573444004&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:32:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:32:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: S=blogger=MwSUvmAIBIabpu7ROlD-4WFfKAqtmxaTcJK6yOAVv5g; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=MwSUvmAIBIabpu7ROlD-4WFfKAqtmxaTcJK6yOAVv5g

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 3701
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 21:18:04 GMT
Expires: Sat, 10 May 2025 21:18:04 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 10 May 2024 17:55:09 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 263688
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/v-css/368954415-lightbox_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=MwSUvmAIBIabpu7ROlD-4WFfKAqtmxaTcJK6yOAVv5g

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6541
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 12 May 2024 16:48:42 GMT
Expires: Mon, 12 May 2025 16:48:42 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Jan 2021 23:35:52 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 107050
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/jsbin/1997604990-lbx.js

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/jsbin/1997604990-lbx.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=MwSUvmAIBIabpu7ROlD-4WFfKAqtmxaTcJK6yOAVv5g

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 130271
Date: Mon, 13 May 2024 22:32:53 GMT
Expires: Tue, 13 May 2025 22:32:53 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 22 Oct 2018 22:19:32 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://2.bp.blogspot.com/-F9RvB6eZPVo/Vxd87nTq5YI/AAAAAAAAHDs/SHnIThSb3jEuMHVp0BR25qgD7GhrgTuMgCK4B/w72-h72-p-k-no-nu/wr-soepratman.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-F9RvB6eZPVo/Vxd87nTq5YI/AAAAAAAAHDs/SHnIThSb3jEuMHVp0BR25qgD7GhrgTuMgCK4B/w72-h72-p-k-no-nu/wr-soepratman.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1c3c"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="wr-soepratman.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 3153
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 475
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 22:01:52 GMT
Expires: Thu, 16 May 2024 22:01:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 09 May 2024 16:58:13 GMT
Content-Type: image/png
Age: 347457
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/blank.gif

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /img/blank.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 43
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 08:10:48 GMT
Expires: Thu, 16 May 2024 08:10:48 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 08 May 2024 09:56:17 GMT
Content-Type: image/gif
Age: 397324
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/anon36.png

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /img/anon36.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 1654
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 00:13:51 GMT
Expires: Fri, 17 May 2024 00:13:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 09 May 2024 16:58:13 GMT
Content-Type: image/png
Age: 339541
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-sGc0tZIqYtM/Vtunod5aQWI/AAAAAAAAF28/iSStWOgHu2s/w72-h72-p-k-no-nu/tuanku-imam-bonjol.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-sGc0tZIqYtM/Vtunod5aQWI/AAAAAAAAF28/iSStWOgHu2s/w72-h72-p-k-no-nu/tuanku-imam-bonjol.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1770"
Expires: Tue, 14 May 2024 22:32:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tuanku-imam-bonjol.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:49 GMT
Server: fife
Content-Length: 3352
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 15190
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 22:01:12 GMT
Expires: Fri, 09 May 2025 22:01:12 GMT
Cache-Control: public, max-age=31536000
Age: 347498
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,person,plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_3?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,person,plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_3?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 29729
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 13 May 2024 17:56:58 GMT
Expires: Tue, 13 May 2025 17:56:58 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 16553
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/u/0/_/widget/render/person?usegapi=1&width=200&layout=portrait&href=https%3A%2F%2Fplus.google.com%2F111964522774749413838&theme=light&showtagline=true&showcoverphoto=true&rel=author&hl=in&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /u/0/_/widget/render/person?usegapi=1&width=200&layout=portrait&href=https%3A%2F%2Fplus.google.com%2F111964522774749413838&theme=light&showtagline=true&showcoverphoto=true&rel=author&hl=in&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://developers.google.com/
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:51 GMT
Expires: Mon, 13 May 2024 23:02:51 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 226
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/platform:gapi.iframes.style.common.js

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/navbar.g?targetBlogID=5140630214149183968&blogName=Biodatapedia.com&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.biodatapedia.com/search&blogLocale=in&v=2&homepageUrl=http://www.biodatapedia.com/&targetPostID=2550669472333206486&blogPostOrPageUrl=http://www.biodatapedia.com/2016/03/biodata-dan-profil-lengkap-ernest-prakasa.html&vt=-719121598573444004&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Mon, 13 May 2024 22:32:51 GMT
Expires: Mon, 13 May 2024 22:32:51 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "1df5d68c1707a051"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/navbar.g?targetBlogID=5140630214149183968&blogName=Biodatapedia.com&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.biodatapedia.com/search&blogLocale=in&v=2&homepageUrl=http://www.biodatapedia.com/&targetPostID=2550669472333206486&blogPostOrPageUrl=http://www.biodatapedia.com/2016/03/biodata-dan-profil-lengkap-ernest-prakasa.html&vt=-719121598573444004&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 45677
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 04:30:54 GMT
Expires: Sat, 10 May 2025 04:30:54 GMT
Cache-Control: public, max-age=31536000
Age: 324117
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Mon, 13 May 2024 22:32:49 GMT
Expires: Mon, 13 May 2024 22:32:49 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "80d5c9d57d5f206f"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 55813
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 13 May 2024 18:40:04 GMT
Expires: Tue, 13 May 2025 18:40:04 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 13966
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=person/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_2?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=person/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_2?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 82
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 22:57:31 GMT
Expires: Sat, 10 May 2025 22:57:31 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 257720
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&hl=in&origin=file%3A%2F%2F&url=http%3A%2F%2Fwww.biodatapedia.com%2F2016%2F03%2Fbiodata-dan-profil-lengkap-ernest-prakasa.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&hl=in&origin=file%3A%2F%2F&url=http%3A%2F%2Fwww.biodatapedia.com%2F2016%2F03%2Fbiodata-dan-profil-lengkap-ernest-prakasa.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://developers.google.com/
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 13 May 2024 22:32:51 GMT
Expires: Mon, 13 May 2024 23:02:51 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 226
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/rpc:shindig_random.js?onload=init

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Mon, 13 May 2024 22:32:51 GMT
Expires: Mon, 13 May 2024 22:32:51 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "9b77125b6924cb07"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 23473
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 15:38:10 GMT
Expires: Sat, 10 May 2025 15:38:10 GMT
Cache-Control: public, max-age=31536000
Age: 284082
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://static.addtoany.com/menu/page.js

IEXPLORE.EXE

Remote address:

104.22.71.197:443

Request

GET /menu/page.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.addtoany.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Mon, 13 May 2024 22:32:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, stale-while-revalidate=30, public
Cf-Bgj: minify
ETag: W/"e346c2841e4abbb66ee259e9540abb61"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilquHBfZwe112MG4lxQJaE1Bl%2F1Semnk9Mh%2BEbXe%2BDx%2BybVbsR4Q5Zk%2F9rOUWhdZ26RQjEtVIN10UNSWhZnKMUDc0iQddFAiLQn431iW1y0ENRlR2c%2FMXDQ7dgMGnGMUgYp3CKA9"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
CF-Cache-Status: HIT
Age: 26264
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 88361b5118311c8d-AMS
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
GET

https://static.addtoany.com/menu/sm.25.html

IEXPLORE.EXE

Remote address:

104.22.71.197:443

Request

GET /menu/sm.25.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.addtoany.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Mon, 13 May 2024 22:32:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSeivxXBn8S26LGjslhMi1BIR6MwRd1IOK%2BhrD%2B05RDOl%2FihCgx8zfqtRDd8YzhEqgmJHNDdyQDqdvBIBht82qzh4Zw8vj8EFWvJKOcpbqEcL4J6Z1WH13zWEiUKzgsUa09ueVyX4uf%2B%2BRo%2FBpUFaZzD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 14446
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 88361b566c1b1c8d-AMS
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
DNS

apps.identrust.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

2.18.190.81

a1952.dscq.akamai.net

IN A

2.18.190.80
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

IEXPLORE.EXE

Remote address:

2.18.190.81:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Mon, 13 May 2024 23:32:49 GMT
Date: Mon, 13 May 2024 22:32:49 GMT
Connection: keep-alive
DNS

x2.c.lencr.org

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

x2.c.lencr.org

IN A

Response

x2.c.lencr.org

IN CNAME

crl.root-x1.letsencrypt.org.edgekey.net

crl.root-x1.letsencrypt.org.edgekey.net

IN CNAME

e8652.dscx.akamaiedge.net

e8652.dscx.akamaiedge.net

IN A

23.55.97.11
GET

http://x2.c.lencr.org/

IEXPLORE.EXE

Remote address:

23.55.97.11:80

Request

GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Mon, 12 Feb 2024 22:07:27 GMT
ETag: "65ca969f-12b"
Cache-Control: max-age=3600
Expires: Mon, 13 May 2024 23:32:50 GMT
Date: Mon, 13 May 2024 22:32:50 GMT
Content-Length: 299
Connection: keep-alive
DNS

jqueryapi.info

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

jqueryapi.info

IN A

Response

jqueryapi.info

IN A

45.56.79.23

jqueryapi.info

IN A

198.58.118.167

jqueryapi.info

IN A

45.33.23.183

jqueryapi.info

IN A

96.126.123.244

jqueryapi.info

IN A

45.79.19.196

jqueryapi.info

IN A

45.33.2.79

jqueryapi.info

IN A

173.255.194.134

jqueryapi.info

IN A

72.14.185.43

jqueryapi.info

IN A

45.33.18.44

jqueryapi.info

IN A

45.33.30.197

jqueryapi.info

IN A

72.14.178.174

jqueryapi.info

IN A

45.33.20.235
GET

http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C3cd70cd993078df2be2c1d9157e955fb_JaffaCakes118.html

IEXPLORE.EXE

Remote address:

45.56.79.23:80

Request

GET /?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C3cd70cd993078df2be2c1d9157e955fb_JaffaCakes118.html HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: jqueryapi.info
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

server: openresty/1.13.6.1
date: Mon, 13 May 2024 22:32:50 GMT
content-type: application/javascript
content-length: 157
last-modified: Tue, 10 Jan 2023 21:36:11 GMT
etag: "63bdda4b-9d"
accept-ranges: bytes
connection: close
DNS

themes.googleusercontent.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

themes.googleusercontent.com

IN A

Response

themes.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.74.225
GET

http://themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff

IEXPLORE.EXE

Remote address:

142.250.74.225:80

Request

GET /static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: themes.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21132
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 14:35:14 GMT
Expires: Fri, 09 May 2025 14:35:14 GMT
Cache-Control: public, max-age=31536000
Age: 374256
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
GET

http://themes.googleusercontent.com/static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff

IEXPLORE.EXE

Remote address:

142.250.74.225:80

Request

GET /static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: themes.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 19973
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 13 May 2024 21:11:10 GMT
Expires: Tue, 13 May 2025 21:11:10 GMT
Cache-Control: public, max-age=31536000
Age: 4900
Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT
Content-Type: font/woff
Vary: Accept-Encoding
GET

http://themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff

IEXPLORE.EXE

Remote address:

142.250.74.225:80

Request

GET /static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: themes.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 19812
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 20:26:13 GMT
Expires: Sat, 10 May 2025 20:26:13 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 266797
GET

http://themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff

IEXPLORE.EXE

Remote address:

142.250.74.225:80

Request

GET /static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: themes.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 22396
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 12 May 2024 17:58:33 GMT
Expires: Mon, 12 May 2025 17:58:33 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 102857
GET

http://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff

IEXPLORE.EXE

Remote address:

142.250.74.225:80

Request

GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: themes.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21520
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 10:39:09 GMT
Expires: Fri, 09 May 2025 10:39:09 GMT
Cache-Control: public, max-age=31536000
Age: 388422
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
GET

http://themes.googleusercontent.com/static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff

IEXPLORE.EXE

Remote address:

142.250.74.225:80

Request

GET /static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: themes.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 20636
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 11 May 2024 18:34:18 GMT
Expires: Sun, 11 May 2025 18:34:18 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 187112
DNS

www.biodatapedia.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.biodatapedia.com

IN A

Response

www.biodatapedia.com

IN CNAME

ghs.google.com

ghs.google.com

IN A

142.250.179.83
GET

https://static.addtoany.com/menu/eso.BRQnzO8v.js

IEXPLORE.EXE

Remote address:

104.22.71.197:443

Request

GET /menu/eso.BRQnzO8v.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.addtoany.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Mon, 13 May 2024 22:32:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
Cf-Bgj: minify
ETag: W/"93c41722448d9f615d5594fdaa7bb9e0"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLuOW9KcPEXpd0Aaz9bC3yP83jI%2BjXDT4MyttMj%2FwaWEyM%2FsmgeL%2FZD9RkFTj6I6qqbcY5HG7v2nMtPB9Var3bfOStzL35jNl4BVIFvk9bL8Q%2BzRDI4c4RtoLLk2l2miXmMnNeRs"}],"group":"cf-nel","max_age":604800}
Vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
CF-Cache-Status: HIT
Age: 26254
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 88361b583eef9fca-AMS
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
GET

http://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373

IEXPLORE.EXE

Remote address:

142.250.201.169:80

Request

GET /comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 13 May 2024 22:32:51 GMT
Expires: Mon, 13 May 2024 22:32:51 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 342
Server: GSE
GET

http://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1

IEXPLORE.EXE

Remote address:

142.250.201.169:80

Request

GET /comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 13 May 2024 22:32:51 GMT
Expires: Mon, 13 May 2024 22:32:51 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 279
Server: GSE
DNS

developers.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

developers.google.com

IN A

Response

developers.google.com

IN A

172.217.20.174
DNS

accounts.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

173.194.69.84
GET

http://developers.google.com/

IEXPLORE.EXE

Remote address:

172.217.20.174:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 0bcdfac74bb559ed592a77dee1a93d86
Date: Mon, 13 May 2024 22:32:51 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

http://developers.google.com/

IEXPLORE.EXE

Remote address:

172.217.20.174:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 3a25cc07e08cd1865476927d9b5e53a6
Date: Mon, 13 May 2024 22:32:51 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:32:51 GMT
Content-Security-Policy: script-src 'nonce-kxEyHfqJ2FYDqILeRWrGpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Cross-Origin-Resource-Policy: same-site
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&go=true

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:Q6EnaAJrzDMe_iW-IGDN5xLUEr2m9w:pw3I1hHiDrv38ybb; Expires=Wed, 13-May-2026 22:32:51 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:32:51 GMT
Location: http://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Content-Security-Policy: script-src 'nonce-EbviqjOrA9Bo7KBYVIMBfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: unsafe-none
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://www.biodatapedia.com/feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex

IEXPLORE.EXE

Remote address:

142.250.179.83:80

Request

GET /feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.biodatapedia.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Cross-Origin-Resource-Policy: cross-origin
ETag: W/"99d9c52f1564b29d8a45dc655063ea9a4b24be016572f7d948af994163cdf241"
Date: Mon, 13 May 2024 22:32:51 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Mon, 13 May 2024 22:32:52 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Wed, 13 Mar 2024 12:44:59 GMT
Content-Encoding: gzip
Content-Length: 866
X-Frame-Options: SAMEORIGIN
GET

http://www.biodatapedia.com/feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&start-index=10&max-results=5&callback=showRelatedPost

IEXPLORE.EXE

Remote address:

142.250.179.83:80

Request

GET /feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&start-index=10&max-results=5&callback=showRelatedPost HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.biodatapedia.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Cross-Origin-Resource-Policy: cross-origin
ETag: W/"2ddf14f9533f4b23655a9003d8765e692fd83999b14bedab8585f317a9aef283"
Date: Mon, 13 May 2024 22:32:52 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Mon, 13 May 2024 22:32:53 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Wed, 13 Mar 2024 12:44:59 GMT
Content-Encoding: gzip
Content-Length: 2210
X-Frame-Options: SAMEORIGIN
GET

https://developers.google.com/

IEXPLORE.EXE

Remote address:

172.217.20.174:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 08 May 2024 22:41:35 GMT
Content-Type: text/html; charset=utf-8
Vary: Cookie
Vary: Accept-Encoding
Set-Cookie: _ga_devsite=GA1.3.933127114.1715639572; Expires=Wed, 13 May 2026 22:32:52 GMT; Max-Age=63072000; Path=/
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-E1MqNoVajEN7JYUJnXi0reoBabbQL/' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: f5fcc20360123828d35e6ccb5eaaa5de
Date: Mon, 13 May 2024 22:32:52 GMT
Server: Google Frontend
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
DNS

ssl.gstatic.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN A

Response

ssl.gstatic.com

IN A

172.217.20.195
GET

https://developers.google.com/

IEXPLORE.EXE

Remote address:

172.217.20.174:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Last-Modified: Wed, 08 May 2024 22:41:35 GMT
Content-Type: text/html; charset=utf-8
Vary: Cookie
Vary: Accept-Encoding
Set-Cookie: _ga_devsite=GA1.3.1044785827.1715639572; Expires=Wed, 13 May 2026 22:32:52 GMT; Max-Age=63072000; Path=/
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-QjfpQGeZCj12lGII2SChANkioilnPc' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: ef06c90d04ce6f9d611f20330ecb56e8
Date: Mon, 13 May 2024 22:32:52 GMT
Server: Google Frontend
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

IEXPLORE.EXE

Remote address:

172.217.20.195:443

Request

GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssl.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="federated-signon-mpm-access"
Report-To: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
Content-Length: 4846
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 08:02:24 GMT
Expires: Fri, 09 May 2025 08:02:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 29 Apr 2024 12:07:43 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 397827
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://developers.google.com/extras.css

IEXPLORE.EXE

Remote address:

172.217.20.174:443

Request

GET /extras.css HTTP/1.1
Accept: text/css, */*
Referer: https://developers.google.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive
Cookie: _ga_devsite=GA1.3.933127114.1715639572
DNS

www.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.132
GET

https://www.google.com/js/bg/WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA.js

IEXPLORE.EXE

Remote address:

142.250.178.132:443

Request

GET /js/bg/WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 24066
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 07 May 2024 11:16:11 GMT
Expires: Wed, 07 May 2025 11:16:11 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 29 Apr 2024 11:30:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 559001
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:Q6EnaAJrzDMe_iW-IGDN5xLUEr2m9w:pw3I1hHiDrv38ybb

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:33:53 GMT
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Content-Security-Policy: script-src 'nonce-Fd5ABaiS2_98EXMpB7-PIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Cross-Origin-Resource-Policy: same-site
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:Q6EnaAJrzDMe_iW-IGDN5xLUEr2m9w:pw3I1hHiDrv38ybb

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 13 May 2024 22:34:55 GMT
Content-Security-Policy: script-src 'nonce-wUPZntfCFahBZiMfAES-tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Cross-Origin-Resource-Policy: same-site
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

142.250.75.234:443

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

tls, http

IEXPLORE.EXE

1.7kB
41.5kB
24
36

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

HTTP Response

200
142.250.179.97:443

https://4.bp.blogspot.com/-G1Yz6acDSxM/Vxs7O_TTOHI/AAAAAAAAHHo/8_owo5RcapU29d5Ox5KR_fK0FBJjUo7WACK4B/s50-c/zVbFbLTS.jpg

tls, http

IEXPLORE.EXE

2.0kB
30.0kB
20
29

HTTP Request

GET https://4.bp.blogspot.com/-T73sjK5SWWM/Vuz21AzxmxI/AAAAAAAAGPE/FPmb1sQEEaUbmfXHIYMaxOUA2ZZf0y4Tw/s320/ernest-prakasa%2B%25282%2529.jpg

HTTP Response

200

HTTP Request

GET https://4.bp.blogspot.com/-G1Yz6acDSxM/Vxs7O_TTOHI/AAAAAAAAHHo/8_owo5RcapU29d5Ox5KR_fK0FBJjUo7WACK4B/s50-c/zVbFbLTS.jpg

HTTP Response

200
142.250.179.97:443

https://3.bp.blogspot.com/-T14IWVMC27s/Vuz24_K9klI/AAAAAAAAGPU/37oJQY4H998FKtHYXNtgl3ND2bUNic0UQ/s320/1476889441_20130709.jpg

tls, http

IEXPLORE.EXE

1.5kB
28.9kB
18
27

HTTP Request

GET https://3.bp.blogspot.com/-T14IWVMC27s/Vuz24_K9klI/AAAAAAAAGPU/37oJQY4H998FKtHYXNtgl3ND2bUNic0UQ/s320/1476889441_20130709.jpg

HTTP Response

200
142.250.179.97:443

https://3.bp.blogspot.com/-XF5u0vt5ywg/Vuk-IQ-WHzI/AAAAAAAAGGc/7HAfZljT2dcnEf9o5NM_DCxSRyFAr_uXA/w72-h72-p-k-no-nu/RA%2BKartini.jpg

tls, http

IEXPLORE.EXE

1.2kB
10.8kB
12
14

HTTP Request

GET https://3.bp.blogspot.com/-XF5u0vt5ywg/Vuk-IQ-WHzI/AAAAAAAAGGc/7HAfZljT2dcnEf9o5NM_DCxSRyFAr_uXA/w72-h72-p-k-no-nu/RA%2BKartini.jpg

HTTP Response

200
142.250.179.97:443

https://3.bp.blogspot.com/-4KFZ_3UHdHQ/VyWXagapsBI/AAAAAAAAHQ8/TH193VrQmJ48eRkNson_3hcUA6W28z6CQCK4B/s50-c/IMG_5002.jpg

tls, http

IEXPLORE.EXE

2.0kB
30.4kB
21
29

HTTP Request

GET https://3.bp.blogspot.com/-RUo-iAHCUck/Vuz2dpTC53I/AAAAAAAAGOs/itOY9fGAPCMBzBJizEaqyhjeQzN5mZWaQ/s320/p28-aernest_0.img_assist_custom-517x500.jpg

HTTP Response

200

HTTP Request

GET https://3.bp.blogspot.com/-4KFZ_3UHdHQ/VyWXagapsBI/AAAAAAAAHQ8/TH193VrQmJ48eRkNson_3hcUA6W28z6CQCK4B/s50-c/IMG_5002.jpg

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-0DMJIbxfJxE/VxwbGwn_EbI/AAAAAAAAHME/Vx0jGNrHIncap0Wg4sejmIHcPxbMzfZuQCK4B/s50-c/Bfy4sgxCAAETGwj.jpg

tls, http

IEXPLORE.EXE

2.1kB
37.1kB
23
35

HTTP Request

GET https://1.bp.blogspot.com/-g4iUfr_iHI0/Vuz225irM5I/AAAAAAAAGPM/TBtH2ClU7hUUQE1qZnfTrzd5k2bzJ6fGg/s320/enrnestcov.jpg

HTTP Response

200

HTTP Request

GET https://1.bp.blogspot.com/-0DMJIbxfJxE/VxwbGwn_EbI/AAAAAAAAHME/Vx0jGNrHIncap0Wg4sejmIHcPxbMzfZuQCK4B/s50-c/Bfy4sgxCAAETGwj.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-XkOzVr1YmwM/VtLPlu-9l7I/AAAAAAAAFvg/ZShD-Ry8SHg/s1600-r/BiodataPedia22.png

http

IEXPLORE.EXE

754 B
9.9kB
9
10

HTTP Request

GET http://4.bp.blogspot.com/-XkOzVr1YmwM/VtLPlu-9l7I/AAAAAAAAFvg/ZShD-Ry8SHg/s1600-r/BiodataPedia22.png

HTTP Response

200
142.250.179.97:80

2.bp.blogspot.com

IEXPLORE.EXE

190 B
92 B
4
2
93.184.220.66:80

platform.twitter.com

IEXPLORE.EXE

190 B
132 B
4
3
142.250.179.97:443

https://4.bp.blogspot.com/-WIwndMOYHNw/VydE4L2K9HI/AAAAAAAAHUI/7f3dMa-h6dkh7GNLplDooueHiQ11NnpEwCK4B/s50-c/1fR60Sm2.jpg

tls, http

IEXPLORE.EXE

2.0kB
26.2kB
20
27

HTTP Request

GET https://4.bp.blogspot.com/-MCVXyptW44g/Vuz2zuuvPjI/AAAAAAAAGO8/C7JZPD6U380YAzjCj6N5Goeh0y3SaoAQQ/s320/ernest-prakasa%2B%25281%2529.jpg

HTTP Response

200

HTTP Request

GET https://4.bp.blogspot.com/-WIwndMOYHNw/VydE4L2K9HI/AAAAAAAAHUI/7f3dMa-h6dkh7GNLplDooueHiQ11NnpEwCK4B/s50-c/1fR60Sm2.jpg

HTTP Response

200
93.184.220.66:80

http://platform.twitter.com/widgets.js

http

IEXPLORE.EXE

997 B
29.2kB
16
24

HTTP Request

GET http://platform.twitter.com/widgets.js

HTTP Response

200
142.250.201.169:443

www.blogger.com

tls

IEXPLORE.EXE

752 B
4.8kB
10
9
142.250.201.169:443

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA

tls, http

IEXPLORE.EXE

4.0kB
64.0kB
39
60

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5140630214149183968&zx=c91180a7-a0b5-4720-a1bc-375eb593d65e

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/322573858-cmt.js

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-RQP6_W0HRPg/VyWdjDtt18I/AAAAAAAAHRw/yAk1Y9X_7vkOk7kEaXaCqN1I3_mslD_PACK4B/s50-c/marsha-aruan.jpg

tls, http

IEXPLORE.EXE

2.2kB
38.4kB
24
36

HTTP Request

GET https://1.bp.blogspot.com/-F-PumyT1ATU/Vuz2oFQCJ3I/AAAAAAAAGO0/G_CMqW9CDJ0wiHrkTSTKH8kd2lG1l5ghw/s320/ernest-prakasa.jpg

HTTP Response

200

HTTP Request

GET https://1.bp.blogspot.com/-RQP6_W0HRPg/VyWdjDtt18I/AAAAAAAAHRw/yAk1Y9X_7vkOk7kEaXaCqN1I3_mslD_PACK4B/s50-c/marsha-aruan.jpg

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-K0LBewWRbyA/VuljXbbY0oI/AAAAAAAAGHM/uW9bYuAF2YMuQT02ghTYY6HIfyoJYgbDw/w72-h72-p-k-no-nu/Biografi%2BPahlawan%2BNasional%2BJendral%2BSudirman.jpg

tls, http

IEXPLORE.EXE

1.3kB
10.2kB
13
14

HTTP Request

GET https://1.bp.blogspot.com/-K0LBewWRbyA/VuljXbbY0oI/AAAAAAAAGHM/uW9bYuAF2YMuQT02ghTYY6HIfyoJYgbDw/w72-h72-p-k-no-nu/Biografi%2BPahlawan%2BNasional%2BJendral%2BSudirman.jpg

HTTP Response

200
142.250.179.97:443

https://3.bp.blogspot.com/-LgumVOOiE18/Vuqch1VTKxI/AAAAAAAAGJI/pxNz4Cmqc4U8rwmDQFJHRQJfWiN9X6fyw/w72-h72-p-k-no-nu/083609400_1430971931-header.jpg

tls, http

IEXPLORE.EXE

1.4kB
10.1kB
14
15

HTTP Request

GET https://3.bp.blogspot.com/-LgumVOOiE18/Vuqch1VTKxI/AAAAAAAAGJI/pxNz4Cmqc4U8rwmDQFJHRQJfWiN9X6fyw/w72-h72-p-k-no-nu/083609400_1430971931-header.jpg

HTTP Response

200
142.250.75.234:443

ajax.googleapis.com

tls

IEXPLORE.EXE

710 B
5.1kB
9
9
104.22.71.197:80

http://static.addtoany.com/menu/page.js

http

IEXPLORE.EXE

544 B
1.3kB
6
5

HTTP Request

GET http://static.addtoany.com/menu/page.js

HTTP Response

301
142.250.201.169:443

resources.blogblog.com

tls

IEXPLORE.EXE

759 B
4.8kB
10
9
104.22.71.197:80

static.addtoany.com

IEXPLORE.EXE

466 B
92 B
10
2
142.250.201.169:443

https://www.blogger.com/static/v1/widgets/254310735-widget_css_bundle.css

tls, http

IEXPLORE.EXE

1.7kB
18.8kB
17
20

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/2567313873-comment_from_post_iframe.js

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/widgets/254310735-widget_css_bundle.css

HTTP Response

200
142.250.201.169:443

https://www.blogger.com/static/v1/jsbin/1997604990-lbx.js

tls, http

IEXPLORE.EXE

8.1kB
218.6kB
107
172

HTTP Request

GET https://www.blogger.com/static/v1/widgets/401488378-widgets.js

HTTP Response

200

HTTP Request

GET https://www.blogger.com/navbar.g?targetBlogID=5140630214149183968&blogName=Biodatapedia.com&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://www.biodatapedia.com/search&blogLocale=in&v=2&homepageUrl=http://www.biodatapedia.com/&targetPostID=2550669472333206486&blogPostOrPageUrl=http://www.biodatapedia.com/2016/03/biodata-dan-profil-lengkap-ernest-prakasa.html&vt=-719121598573444004&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/v-css/368954415-lightbox_bundle.css

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/1997604990-lbx.js

HTTP Response

200
142.250.179.97:443

2.bp.blogspot.com

tls

IEXPLORE.EXE

708 B
6.9kB
9
10
142.250.179.97:443

https://2.bp.blogspot.com/-F9RvB6eZPVo/Vxd87nTq5YI/AAAAAAAAHDs/SHnIThSb3jEuMHVp0BR25qgD7GhrgTuMgCK4B/w72-h72-p-k-no-nu/wr-soepratman.jpg

tls, http

IEXPLORE.EXE

1.3kB
10.8kB
13
14

HTTP Request

GET https://2.bp.blogspot.com/-F9RvB6eZPVo/Vxd87nTq5YI/AAAAAAAAHDs/SHnIThSb3jEuMHVp0BR25qgD7GhrgTuMgCK4B/w72-h72-p-k-no-nu/wr-soepratman.jpg

HTTP Response

200
142.250.201.169:443

https://resources.blogblog.com/img/anon36.png

tls, http

IEXPLORE.EXE

2.3kB
11.1kB
18
15

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

HTTP Response

200

HTTP Request

GET https://resources.blogblog.com/img/blank.gif

HTTP Response

200

HTTP Request

GET https://resources.blogblog.com/img/anon36.png

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-sGc0tZIqYtM/Vtunod5aQWI/AAAAAAAAF28/iSStWOgHu2s/w72-h72-p-k-no-nu/tuanku-imam-bonjol.jpg

tls, http

IEXPLORE.EXE

1.3kB
11.0kB
13
14

HTTP Request

GET https://1.bp.blogspot.com/-sGc0tZIqYtM/Vtunod5aQWI/AAAAAAAAF28/iSStWOgHu2s/w72-h72-p-k-no-nu/tuanku-imam-bonjol.jpg

HTTP Response

200
142.250.75.238:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

tls, http

IEXPLORE.EXE

6.6kB
127.6kB
60
102

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=gapi_iframes,gapi_iframes_style_bubble,person,plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_3?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/u/0/_/widget/render/person?usegapi=1&width=200&layout=portrait&href=https%3A%2F%2Fplus.google.com%2F111964522774749413838&theme=light&showtagline=true&showcoverphoto=true&rel=author&hl=in&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

301

HTTP Request

GET https://apis.google.com/js/platform:gapi.iframes.style.common.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

HTTP Response

200
142.250.75.238:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

tls, http

IEXPLORE.EXE

6.2kB
124.8kB
62
102

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=person/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_2?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&hl=in&origin=file%3A%2F%2F&url=http%3A%2F%2Fwww.biodatapedia.com%2F2016%2F03%2Fbiodata-dan-profil-lengkap-ernest-prakasa.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

301

HTTP Request

GET https://apis.google.com/js/rpc:shindig_random.js?onload=init

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

HTTP Response

200
104.22.71.197:443

https://static.addtoany.com/menu/sm.25.html

tls, http

IEXPLORE.EXE

1.6kB
9.6kB
16
17

HTTP Request

GET https://static.addtoany.com/menu/page.js

HTTP Response

200

HTTP Request

GET https://static.addtoany.com/menu/sm.25.html

HTTP Response

200
2.18.190.81:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

IEXPLORE.EXE

421 B
1.6kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
23.55.97.11:80

http://x2.c.lencr.org/

http

IEXPLORE.EXE

402 B
1.4kB
6
5

HTTP Request

GET http://x2.c.lencr.org/

HTTP Response

200
45.56.79.23:80

jqueryapi.info

IEXPLORE.EXE

466 B
92 B
10
2
45.56.79.23:80

http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C3cd70cd993078df2be2c1d9157e955fb_JaffaCakes118.html

http

IEXPLORE.EXE

607 B
580 B
5
4

HTTP Request

GET http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C3cd70cd993078df2be2c1d9157e955fb_JaffaCakes118.html

HTTP Response

200
142.250.74.225:80

http://themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff

http

IEXPLORE.EXE

985 B
22.6kB
15
20

HTTP Request

GET http://themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff

HTTP Response

200
142.250.74.225:80

http://themes.googleusercontent.com/static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff

http

IEXPLORE.EXE

960 B
21.5kB
14
19

HTTP Request

GET http://themes.googleusercontent.com/static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff

HTTP Response

200
142.250.74.225:80

http://themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff

http

IEXPLORE.EXE

960 B
21.2kB
14
19

HTTP Request

GET http://themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff

HTTP Response

200
142.250.74.225:80

http://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff

http

IEXPLORE.EXE

1.8kB
46.7kB
25
37

HTTP Request

GET http://themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff

HTTP Response

200

HTTP Request

GET http://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff

HTTP Response

200
142.250.74.225:80

http://themes.googleusercontent.com/static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff

http

IEXPLORE.EXE

960 B
22.1kB
14
19

HTTP Request

GET http://themes.googleusercontent.com/static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff

HTTP Response

200
104.22.71.197:443

https://static.addtoany.com/menu/eso.BRQnzO8v.js

tls, http

IEXPLORE.EXE

1.5kB
31.5kB
21
32

HTTP Request

GET https://static.addtoany.com/menu/eso.BRQnzO8v.js

HTTP Response

200
142.250.201.169:80

http://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1

http

IEXPLORE.EXE

1.1kB
2.5kB
8
8

HTTP Request

GET http://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373

HTTP Response

302

HTTP Request

GET http://www.blogger.com/comment-iframe.g?blogID=5140630214149183968&postID=2550669472333206486&blogspotRpcToken=4961373&bpli=1

HTTP Response

302
142.250.75.238:443

apis.google.com

tls

IEXPLORE.EXE

519 B
355 B
6
5
142.250.75.238:443

apis.google.com

tls

IEXPLORE.EXE

519 B
355 B
6
5
172.217.20.174:80

http://developers.google.com/

http

IEXPLORE.EXE

532 B
411 B
6
4

HTTP Request

GET http://developers.google.com/

HTTP Response

301
172.217.20.174:80

http://developers.google.com/

http

IEXPLORE.EXE

584 B
690 B
7
5

HTTP Request

GET http://developers.google.com/

HTTP Response

301
173.194.69.84:443

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

tls, http

IEXPLORE.EXE

1.3kB
6.3kB
11
12

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

200
173.194.69.84:443

https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&go=true

tls, http

IEXPLORE.EXE

1.4kB
6.3kB
10
11

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D5140630214149183968%26postID%3D2550669472333206486%26blogspotRpcToken%3D4961373%26bpli%3D1&go=true

HTTP Response

302
142.250.179.83:80

http://www.biodatapedia.com/feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&start-index=10&max-results=5&callback=showRelatedPost

http

IEXPLORE.EXE

1.1kB
4.5kB
9
9

HTTP Request

GET http://www.biodatapedia.com/feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex

HTTP Response

200

HTTP Request

GET http://www.biodatapedia.com/feeds/posts/summary/-/Artis?alt=json-in-script&orderby=updated&start-index=10&max-results=5&callback=showRelatedPost

HTTP Response

200
142.250.179.83:80

www.biodatapedia.com

IEXPLORE.EXE

190 B
92 B
4
2
172.217.20.174:443

https://developers.google.com/

tls, http

IEXPLORE.EXE

1.9kB
42.5kB
28
37

HTTP Request

GET https://developers.google.com/

HTTP Response

200
172.217.20.174:443

https://developers.google.com/

tls, http

IEXPLORE.EXE

1.8kB
35.8kB
27
31

HTTP Request

GET https://developers.google.com/

HTTP Response

200
172.217.20.195:443

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

tls, http

IEXPLORE.EXE

1.4kB
10.7kB
12
13

HTTP Request

GET https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

HTTP Response

200
172.217.20.195:443

ssl.gstatic.com

tls

IEXPLORE.EXE

700 B
4.7kB
9
8
172.217.20.174:443

https://developers.google.com/extras.css

tls, http

IEXPLORE.EXE

925 B
355 B
7
5

HTTP Request

GET https://developers.google.com/extras.css
142.250.178.132:443

https://www.google.com/js/bg/WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA.js

tls, http

IEXPLORE.EXE

1.7kB
30.8kB
20
27

HTTP Request

GET https://www.google.com/js/bg/WFcA98xqZ4x6RS_hPc4M9JttksBF80V7Pg4I6ESBboA.js

HTTP Response

200
142.250.178.132:443

www.google.com

tls

IEXPLORE.EXE

1.0kB
4.7kB
16
9
173.194.69.84:443

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

tls, http

IEXPLORE.EXE

1.2kB
1.9kB
9
8

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

200
173.194.69.84:443

accounts.google.com

tls

IEXPLORE.EXE

523 B
355 B
6
5
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

785 B
7.7kB
9
13
173.194.69.84:443

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

tls, http

IEXPLORE.EXE

1.2kB
2.0kB
8
9

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

200
173.194.69.84:443

accounts.google.com

tls

IEXPLORE.EXE

431 B
315 B
4
4

8.8.8.8:53

ajax.googleapis.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.75.234
8.8.8.8:53

4.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

4.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

www.blogger.com

dns

IEXPLORE.EXE

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.201.169
8.8.8.8:53

apis.google.com

dns

IEXPLORE.EXE

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.75.238
8.8.8.8:53

resources.blogblog.com

dns

IEXPLORE.EXE

68 B
115 B
1
1

DNS Request

resources.blogblog.com

DNS Response

142.250.201.169
8.8.8.8:53

3.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

1.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

1.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

platform.twitter.com

dns

IEXPLORE.EXE

66 B
241 B
1
1

DNS Request

platform.twitter.com

DNS Response

93.184.220.66
8.8.8.8:53

static.addtoany.com

dns

IEXPLORE.EXE

65 B
113 B
1
1

DNS Request

static.addtoany.com

DNS Response

104.22.71.197

172.67.39.148

104.22.70.197
8.8.8.8:53

2.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

2.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

apps.identrust.com

dns

IEXPLORE.EXE

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

2.18.190.81

2.18.190.80
8.8.8.8:53

x2.c.lencr.org

dns

IEXPLORE.EXE

60 B
165 B
1
1

DNS Request

x2.c.lencr.org

DNS Response

23.55.97.11
8.8.8.8:53

jqueryapi.info

dns

IEXPLORE.EXE

60 B
252 B
1
1

DNS Request

jqueryapi.info

DNS Response

45.56.79.23

198.58.118.167

45.33.23.183

96.126.123.244

45.79.19.196

45.33.2.79

173.255.194.134

72.14.185.43

45.33.18.44

45.33.30.197

72.14.178.174

45.33.20.235
8.8.8.8:53

themes.googleusercontent.com

dns

IEXPLORE.EXE

74 B
119 B
1
1

DNS Request

themes.googleusercontent.com

DNS Response

142.250.74.225
8.8.8.8:53

www.biodatapedia.com

dns

IEXPLORE.EXE

66 B
107 B
1
1

DNS Request

www.biodatapedia.com

DNS Response

142.250.179.83
8.8.8.8:53

developers.google.com

dns

IEXPLORE.EXE

67 B
83 B
1
1

DNS Request

developers.google.com

DNS Response

172.217.20.174
8.8.8.8:53

accounts.google.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

173.194.69.84
8.8.8.8:53

ssl.gstatic.com

dns

IEXPLORE.EXE

61 B
77 B
1
1

DNS Request

ssl.gstatic.com

DNS Response

172.217.20.195
8.8.8.8:53

www.google.com

dns

IEXPLORE.EXE

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.178.132
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
d1228a6eac7566b1fab85bbbb3da15ee

SHA1
15a329727cedac22d2599db3d203451fe136650b

SHA256
dae9c360cfb4c4795c95c2cde57ffa820fcdf8ecbbd5d743281429ae2adc8a34

SHA512
9c35feb363b53415a3a2d1f3b2a408b1b1d8f7e7a9dfa84c0e77264e63d4c45cc01fa3bc73f4aecddb5b964d6e6d2000c5e45d4b04ef6352532f2acb339e227a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_F82FCC341F124F6AC9D153F6ECE89FFA

Filesize
472B

MD5
b4c3749bbfb9ceac82cd326796e43b14

SHA1
bbf7637c9f986850267161692f047391b0fe8715

SHA256
212812e803772508cb5e76fac021fee5bd941eb811184a4aa46a6c30a6038e68

SHA512
803d59ab578ec514ce7d5296243afe941265cfe3b7561a5f91a67099ff9163bd5641f9db2bb98cbceb98d812dd30d4afedcb00bfefc2199f7b30eed6549fefda

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
472B

MD5
782b1c350fec56b7f02e79ae6dc97b92

SHA1
f6a4392b7a041b45921d58672b666d4c54c0290a

SHA256
a2742ac77456f211194d988b19db9b0fde16a59251f8bb897e126da25d654ec8

SHA512
a26dab4c8dcd728095f1dac25d9d045786331e8160373730d648b01eb309d0d2f7b8549d143fee46b194ad05dabb156de9e987c4b82e02751a83919e8f2eea33

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
68c1b6f09a99be3606fe4a47966d0640

SHA1
ab6f4a2beb9c7f6101787ebfc057e43e09fc758d

SHA256
2bbbaa02ac7142651390a28e8863b4f3ebbbec7cf5f56e2a002dd05bf703de4f

SHA512
88664f439a772cf381cf663e7be8a6518ad3879c3a92be79b1fdf26920b991abdcbd0b0ff783c45c88ff31e74ad902d2f73e713cc03249321968e80dad3e7a35

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
8dada4f49dd7b07d30deb23c48f7253a

SHA1
6aa629c9ef56d59ee51a62f478b18856da521f63

SHA256
d43a964499f598f6258942831fa92f9ac7ea845c87359c675129c4697d473c70

SHA512
68cef42efc74681ec8e7d6bba23c8cfcaf45aac07cb93de11514a647f72e05d0d5e0d1cb1f7b9560f5ffe6482e2cfc63104e34a5ae03fc99c262c82dda3bec2a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
782144f0d91ca069af55c776b8caf6c0

SHA1
09328ddb42a70c70ce2dd2663826bb8a3d90a8ca

SHA256
3b5fe952bffa50f0d4be2b8932c5a39d40d194ef91c2208f8f42c9310b2b083a

SHA512
5c9d5db442ada325aeaa3f539e0d96f745cb9fed36d73e0251c1054f88f002baf63ee3e4697772b0aae7ed6adf5ed9f8d05484a50453e9e388eef2ce9c089501

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
a68f89f62c41d351c6e0632060a24492

SHA1
ef1cebe8f488e684ae479029f5735643b09bd960

SHA256
0ad17b3a81e3140d1ba34547e9239b0b90384d8cbfb42eb89b65abd5aca0bb92

SHA512
a9667b3112a0d46d5ed199fa9bc97637bf92bec27e8252c5aa394e0770b7d78f6ae58219e407ee38d81b5ed7bb758197b47bd654b9c0a18afa9377eeab462400

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
3a5528803d0d7676dc9eeb5718b1231d

SHA1
0b32fc01b42c2a0f636af385bc702eb5f04af118

SHA256
cfb3e7806ba6eeee80fde15e9e643de1402397b9967728f177d456306ae30e51

SHA512
4bd0601ef3d09347bceaeedee7ad7bd6cef019363b534abea4d761a07b8da010764bd50f3da9ba91c50cadb2e84549e0fc8b65ad66759be11850bfb7459e34c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
94e79ea03e49085ed27bd7c233c6bb86

SHA1
3e7de8fa76bc9542d2365a94687bbb6b53921f73

SHA256
24db1d2ee23ab0ed437c4f03a340f3944c7882956026abfadac81e5f06c407a1

SHA512
023000ee77fdc0fe715b2d0baf7891cd60af541d2fc903b6deb31eb8e5965dae338155ad7964b933e8d2a40ff50b08436de3f98114955fc2a6ecf536a896b9c7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
770b888cc65bcf56cccd165e9fe07c7f

SHA1
2264ef8d990f0ce423b7a508aca810dfe33f6c0a

SHA256
69e34e48a58053f2cfe2c2b442524578f2be174f0c771d6b0884550ae0ae7d55

SHA512
242a94f475e99098b459a59752d414a34b9421a43433e29aa96118d3e28ce652fa7da50327e4ef3934d70c885074f62a5a4a55fb1850615c52db790f8f7c9ae1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b7c2eca04d8f90f75c6554baa13b7eba

SHA1
f70da9c8550b4bc5f8dee0ab0c359b268dd4a3c8

SHA256
7494594182df8caf56ca617b571e8510d4e3f5b9c8a80b09c465e0f23f111698

SHA512
a90d77a0a6cfee1c5a1ee580d298a70299acad0a65fe52307b185f8879528a5dcd02659306d13ed04343ced4d80b39732b0fcd558adc4fc45e14fd4285afaf7a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
588c26fda8b742b1a30c537a1d5b9727

SHA1
d7a244f5526743632efd42336da3c5ba3ce30fec

SHA256
c30fb3728baf98bea43a7faa70ce6e835306fe55818a6b6bb049927709823870

SHA512
2db8f6fd91c44776dc75b2555072e80a73845cb0733749b40891d6d12311867b5ee1472a240f4971d3bd1196bce0655609a9eb20a82862fa7ffd264952357a35

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ebc5c0c542bac7e4e7a4867decfc3f5d

SHA1
da35cf79caa5e99051884b14c12cc8840c9517df

SHA256
f2adc0cd174078e636fada97db4bbf89a2e4554aa2b153f063c6e8468534f640

SHA512
4a938dbf4c298bddfdd147545823bc356e5cbee47dfd99567f61ab972812d54768a5e98f0186f3cc17a82b5b75d0f999c0d731b4b716c59fdb9701fcece69074

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a545d33ca5d373f79062c3a2b8d08124

SHA1
19183c7aa0a44e084138607ef94fd1f8a618bb31

SHA256
71743b2fb8bc03ecb25bc118b856c80961019f7090aa9ec819d49b9683125327

SHA512
a128d2240a0b610178ddaccfcd359a905a978c5a6221cd1c985aed8e5a0a959a22ac5217f09ec4817c0da2984df847753e1505dd7dda6e7e7dd25840233fc04c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a5653c85794b825ccc48f243ace14b0f

SHA1
dc80b2d45aa0c9d3853f3b1055661b9def857ff8

SHA256
86935a2c46d4486a9429a3d52246c5cd78b2189e0b8ccb44211aef7c97fa8225

SHA512
442f9b4c6591ec155ddd5cd0c13c1096dcbcd6e821029e3c30a5cce3e981d473ffc23b27c5401c356445a2c8dea5f45e567c02b30c6f08fe68382badacb5610c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
751647886b04b8d9189c3fa7841ae063

SHA1
97953c0ecdecfcaddd1c5e39076f864a869e15cd

SHA256
6f27a9c6a60716a16f22d8f54e89f67f819ecf18511464d4ee43d84f5c4108c4

SHA512
23b780ca368128671d6ad5ced40628288b71696c86788f31da64bc7bcd048f1cdcc58f321cedf95c2cf93246ca2c72a38b51a22a017dcf0e9ede5447f4261aca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
34ca3e5addb4c9ae8bab45ce050bf821

SHA1
d6fced4f4f9c9db23b645f5cd915fc96cec025c9

SHA256
3574e5f3f6bf294a5863a86440fc5d51caa8f76d1721da555fd27209257cbe49

SHA512
ec9ad17ab8c5fa7e3539f1bebf39636176b77a67c23b0a2eae2bac525c9e429ffabd6e8c316a1c788dfdf37f3302388e28561a9fe8f17c4dcb62047df6c8b8d6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8760f821191984473cad3805493f3538

SHA1
5ea5f46542023fda4b76f10ba44c027243151177

SHA256
49f5ca7d950e1a93672cf5bb54853e783719d46e224a77f3dab1ea99dd203605

SHA512
5571c9d95692f1760d3d67d4a81df67fbf47cec039d0a87dc9630dd0958c7c74fd7e38f2ea31f914c1935c8540a31d5a3e40ebb06cfeb4ca567aac05bae879eb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c6c2bf603f88d3514e328349929920f1

SHA1
f978e06875e269b0657547d3de50819d939018d2

SHA256
0526a5276580c5a1b0e91261c1cb854acc1e78cccf8710760f02783f7a6e3420

SHA512
7a38b44335dd191074ac6ed1d3c7e0a39ea9917158fe44e62d46724af89d63b0deee189eda73ee6cf87fd207f723772b4c3208c565059602f0f5fd54a925a9e4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9542a157cde97ad7fa2a49373b8eaa02

SHA1
32543b511909a1532e49084f9efa401a3d5aa8b3

SHA256
db6501328a13e3aae54dcd2c9d2bcdcc75dae22bc9bc99e6c406e6f44d7c053a

SHA512
6fdb63b8bcb82dbaf22872ab8115517344996ab1b5029f25749d66a69e072d1768a2b2f1c20e744f510710ed28df03c57719bf5db9bdeca13ee305013e84150f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e5e5fc27baa54a214537a1c360d61722

SHA1
72544dd86a219dfc1f7246dba6b6d92bad495e5e

SHA256
a8bf3c29332e4bd483a0f1a5d74c9f8fe2234abfd3a04aefb3a04d25fc616166

SHA512
6e321c43b288a7651b31c02b3fc7a74c8bad6ee54c77a3239b935b847e76331e3dfb6fe01889085c1dfadb13dbb83e162bd88d17cf2a1fcb59142ff48017955a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
00405d8b685b22b80f19166d802d028e

SHA1
39cb0a453705834aa6d3db7033c9b46e9c9f10af

SHA256
07d459230a1c268183641aa5a63538016d321e9a0d80b187e324adc1041803c6

SHA512
75a031ca192473a4f73e86404ff6ffb859352011a91819bf01ad9d5f3f5361654818db1c9ae5ec3182e2674c330642f4b476ff387e1f65d89a170403238f74d2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
48a8a7001f59144292d3aae091200469

SHA1
4acfc7acb757914caeb24b23fafc9b534a1c4e09

SHA256
6dd31ff6a53672ff062b111da276df74e048dfa776b75f6a9bd8b8b0570ba018

SHA512
e55e2f61279e42e97046d2de4a03006242427471009160494258e782710dc5b85c95ea40750f368c252cb1d52af04a92edd490ab76bdf37bfb93a2bbceea94a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
fa6c723638fbf26aff61c73cd643a163

SHA1
eee42983452c383fbf9eabaed7ba1d991b5e5e90

SHA256
1fa2db7877c69fb07dc60e6409e38ddff2fc3e82991d16fc5b72cc4539a65a23

SHA512
8dc19019c2f7253e1082635bd82195907a34cdb4f3549349aa261733b29343d2726d52a1377e62e183aab842f76db2fb369de70d91321adb7496a58e4f35e91c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d072b120121718ee8762e1e03e8b4b36

SHA1
c5185d57fd3181b953d1db6dcbf63d52514823ce

SHA256
2e9fb9aae71684cfa9c657e8b07e8a5a30f8de27293ac2a3e81c854866815c28

SHA512
5a421a9df4cbf3df8cd2ce3d996458613e4a8809763cd995c37c9787b29fec7ee61533931bbbd50ea5734635016dd56dddfc7cd6a0a45491dd34d005fe80061c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
336cc09c93e3115573eb26fa7f90206e

SHA1
b558dbe8d9e51ca7c3939a34843b8946d2b11170

SHA256
4e6ac40583c78f25aa9e615dd9249a7154a4f444470aa3b0e28e8f9b62efffab

SHA512
f3d7e5961af29da888d326ec2a562af5bca93b520081df81dc8fb1dcd4c136a7a8aceb5598a1b41f5eb39cac7624eb1896fefa7e7a1a269c1a25475739e4115a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
4516863771496282c69ac1fc8eada269

SHA1
cf1264774dd3f8319fddc42fa722d1809314ef2e

SHA256
aa383d07869468f49400570d4a4ad5fb616f301e997b35fd8f9223def2104505

SHA512
b8841fa4de4965cc384f555229b328c5618a7847103fa94feac7881ddb25ee133ebf7fb42b0602cd9d06305bdebd05a72429a7a8d42fb65124d97b482b1e8293

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
31dcb51e20f94761451be31c5a9cbbfb

SHA1
f73459bb74c23b713bf3730901e35ea1b24c75f4

SHA256
023730918f36300e8fefa9431eb4d2307187664ae251a9ecb97025f59f739b3c

SHA512
9f8f565d4ed89970694b3d4c8e1be86ca3b5eb3ff2bdcf3e768ba904c6bad44feb702ca5245235f2a6254d138d3c4cc41d83c21233881e5ccc30cc9d2d417606

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e6bc534033759a75b7ef23eeea98e0b6

SHA1
39718f49cb9d53d1a458ab076b68dcbbbc8623f3

SHA256
15c34475a8992edf31510770e131998a4b48fb6453d7fe40a449de33de978ca3

SHA512
ce67c029626f15163810a03b82bf12d2590da5e32d2cb1ade88eda7bb04b888b412729435b199699a16a30a2913571770cf247b78758330dcc988d9f9598c72a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
5612a5f809c3829ce696fe8391fe339f

SHA1
d0432e48ef8ddda0f1b3c5d98fbbfaceea272efc

SHA256
d022bedba1cbb0911bc0140555e177a5e39b103a09305473ee36020a3f6b8ce5

SHA512
3dbb65866f7871c02cf0e392ab98b7980102dbd6b54a2ab374c88f85961bea2df5e0846ef23bd69bccf158b9923cb675b2ec08c603c9950fa65bf7a41d8f2395

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
fe949e4bf53f5792c6ab516e1be1561c

SHA1
3e08e33c468f7b319b4baaa34646881d149d33f0

SHA256
a806280fa7337711679d527327b866c70cc6336df3787ac4e1cec7c8019e297c

SHA512
3f8bbecef6a801a566a1c9f8a50ea93c1811f728e27588097d90f9d82889f6b07779175ed77a3bf10a0d27a286bcc421ba5edd5c75684e2ca3d38f3e62fbc99e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
91a6bf202ac082d4a01c5f564d563bfa

SHA1
40b16c45ddcd9c2e5ace89004001ad93cabb11fa

SHA256
81eee95f1e03323cc624cfc73be2ad4557f0cfc58a5c7152eb17cd3f7f3e8808

SHA512
b6065434f80ffd77338da9891ac8a53874e20864154728de82962bc7ddad0efe3476ee161ab5e697df3bfd8e8afe2767cdb3d492cfb35c60e0e1ed736e42502b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
406B

MD5
ca86e31713df31438647553236b81f01

SHA1
9ee549b67a3acd92fb181dc458a6612406962888

SHA256
ee53a1c9cc53566d27632efbdeb7c908221c7c35de4d906b8f32ef5727d4ee1e

SHA512
56968d9a5b6d2c6275a2bdb0c71249cc8bb1deec23f019075adf84fb183dcdb1ac34731ff41757eb2607738a1dc1707116102fcd23d6a1bfe1f903f896094156

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
406B

MD5
13a0b1e1de925e2f404114c6cc7a88e2

SHA1
44668979e55b3b12d4ae154c2a78dc38c9ae8c09

SHA256
3a3011a25cb9b7605144bf3bed141a39d1da83016e6e910eb72db1b65d2d69c9

SHA512
ca7d4fde746f056a0fc0d4b7f0e6996d9d1d1a87b33494c70bedfa37361af4211ee3db5a6d1aee77eede381bb6941e8427103e105f6a221a879e5d2e8a23b532

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
9ebc4665fc9a56eba27d13c240af988e

SHA1
0d4522832245f6b90b52ffd6340f35ebd3e5f1d0

SHA256
bdb168273c0d263fae37b489b9af26bb8f37808664e3ee53afeb0504eb236bdd

SHA512
30ee7518caa497e13f1b1bb6b3eeaf63407895db2b08872ac20e772abceac5dac20080a8e47ab9e4481f153f4739a1571a7fc623d385e8a2c7fdad531c203415

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\cb=gapi[1].js

Filesize
133KB

MD5
4d1bd282f5a3799d4e2880cf69af9269

SHA1
2ede61be138a7beaa7d6214aa278479dce258adb

SHA256
5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693

SHA512
615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\plusone[1].js

Filesize
54KB

MD5
fb86282646c76d835cd2e6c49b8625f7

SHA1
d1b33142b0ce10c3e883e4799dcb0a2f9ddaa3d0

SHA256
638374c6c6251af66fe3f5018eb3ff62b47df830a0137afb51e36ac3279d8109

SHA512
07dff3229f08df2d213f24f62a4610f2736b3d1092599b8fc27602330aafbb5bd1cd9039ffee7f76958f4b75796bb75dd7cd483eaa278c9902e712c256a9b7b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\3604799710-postmessagerelay[1].js

Filesize
11KB

MD5
40aaadf2a7451d276b940cddefb2d0ed

SHA1
b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

SHA256
4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

SHA512
6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\0CZJR9Z4.js

Filesize
157B

MD5
67e216a27dda24bdcb086c2385b0cb99

SHA1
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

SHA256
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

SHA512
802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\rpc_shindig_random[1].js

Filesize
14KB

MD5
23a7ab8d8ba33d255e61be9fc36b1d16

SHA1
042d8431d552c81f4e504644ac88adce7bf2b76f

SHA256
127ffe5850ed564a98f7ac65c81f0d71c163ea45df74f130841f78d4ac5afad5

SHA512
e7c5314731e0b8a54ab1459d7199b36fc25cd0367bc146f5287d3850bd9fe67ba60017d79c97ea8d9a91cd639f2bc2253096ce826277e7088f8abfe6f0534b63

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab2B76.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2BF5.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar2C99.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request