0e2c037407e3ada1e1248cc19c803ee437e3ed31739d1191b1eb8e76a5f0c098

Analysis

max time kernel
120s
max time network
144s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14/05/2024, 17:15 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

424b11128d4dba8534761d34dbad6c11_JaffaCakes118.html
Size

190KB
MD5

424b11128d4dba8534761d34dbad6c11
SHA1

747533dafa150ef8e18febb0ccd365a50472f121
SHA256

0e2c037407e3ada1e1248cc19c803ee437e3ed31739d1191b1eb8e76a5f0c098
SHA512

069865c317377f99daad1d45e10a85a73865569a74771e678c3afc1b688db5c4f805177775f2b8de78735863d6e6fa5cbf619d56fe199b9b7ca0d556456d73f0
SSDEEP

1536:8xwmejacfHsr4OlD5NYh8Jx4x9XG+F4lMCP8KHP9v0xZFhGUYbNzXA6p41N8Y6lX:3VOltNY2IjXGJlMK8KHCrk3mtt8Ic

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
70	sites.google.com
76	sites.google.com

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "421868807"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{954190D1-1215-11EF-9FA2-EA483E0BCDAF} = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000112dd71d930ff24b8b2b71a2c228122b0000000002000000000010660000000100002000000080a248cc418255bbe80e925943cbca0edcffcb35654161a197c8b82f873f609c000000000e80000000020000200000001f90e1a711364fae7dfe8d4201612ed4a2bbff6aa58f8bd5e8ce23c9cd5def939000000002ce5f10ea268c7fbe25fb0e609a88dff1e7bbe67cd23e083f778d29bfd73ccfe115df10da9508c6ec281344e39f2bcab16eb8312dcf713aadd2ba756a9412c24c23aa6dbb1324444aa496cb2b5e6472c58b4aae45fc27995b8929f49dd3a9f6ed4d2c6a75a5a5dce03818895d15f3f76aa2a87cac61885ac30df12fdb7e6e275ca66e73db4416a825d8947eb5135fd0400000008f836703c9734759050aa028776ccce4100e1ccca2d80a318aaf1654955fc71c701e017a831619f82ce85ffae630e284ee85eaf49d2290bda13ef41392720f5e	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = d0c8fe7222a6da01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000112dd71d930ff24b8b2b71a2c228122b0000000002000000000010660000000100002000000088aa63166e26867fa1545a273e24c3afb6694fa03ed04c0ff30ff66541fc36b1000000000e8000000002000020000000f68fedc86a7a719d536a476d6404b034b7f821808480d8f241ab2e115ec8a2b920000000514578ee93d7706074d3b2a9d97e71765df480ed93bb8ab2f07bd87d3de53ede400000000dfa1c0c8156ed92908a47ba015b0921e1a98042ca212680a9a8b33500b8a78c1e47b90f8a602412a731129c27569013f45e0192b27b19b9aa5cd0c0838e29ed	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-330940541-141609230-1670313778-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1440	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
1440	iexplore.exe
1440	iexplore.exe
2700	IEXPLORE.EXE
2700	IEXPLORE.EXE
2700	IEXPLORE.EXE
2700	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1440 wrote to memory of 2700	1440	iexplore.exe	28
PID 1440 wrote to memory of 2700	1440	iexplore.exe	28
PID 1440 wrote to memory of 2700	1440	iexplore.exe	28
PID 1440 wrote to memory of 2700	1440	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\424b11128d4dba8534761d34dbad6c11_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1440
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1440 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2700

Network

DNS

www.blogger.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
DNS

udsmuslim.googlepages.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

udsmuslim.googlepages.com

IN A

Response

udsmuslim.googlepages.com

IN CNAME

ghs.googlehosted.com

ghs.googlehosted.com

IN A

172.217.20.179
DNS

ajax.googleapis.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

172.217.20.202
DNS

yourjavascript.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

yourjavascript.com

IN A

Response

yourjavascript.com

IN A

13.248.169.48

yourjavascript.com

IN A

76.223.54.146
DNS

3.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

cdn.innity.net

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

cdn.innity.net

IN A

Response

cdn.innity.net

IN CNAME

cdn.innity.net.edgekey.net

cdn.innity.net.edgekey.net

IN CNAME

e3973.d.akamaiedge.net

e3973.d.akamaiedge.net

IN A

23.212.201.53
DNS

img1.blogblog.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

img1.blogblog.com

IN A

Response

img1.blogblog.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
GET

https://www.blogger.com/static/v1/widgets/1590551230-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/1590551230-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6429
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 13 May 2024 22:48:14 GMT
Expires: Tue, 13 May 2025 22:48:14 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 07 Jun 2016 08:59:52 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 66448
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

IEXPLORE.EXE

Remote address:

172.217.20.202:80

Request

GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33621
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 19:49:03 GMT
Expires: Fri, 09 May 2025 19:49:03 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 422798
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8818583053934446931&zx=a8dddf72-e969-4809-8de4-c063231fa3c9

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /dyn-css/authorization.css?targetBlogID=8818583053934446931&zx=a8dddf72-e969-4809-8de4-c063231fa3c9 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:43 GMT
Last-Modified: Tue, 14 May 2024 17:15:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/navbar.g?targetBlogID=8818583053934446931&blogName=Gossip+Artis+Malaysia+%7C+Gambar+Artis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://izyan.com/search&blogLocale=ms&v=2&homepageUrl=http://izyan.com/&vt=5793014963771758051&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /navbar.g?targetBlogID=8818583053934446931&blogName=Gossip+Artis+Malaysia+%7C+Gambar+Artis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://izyan.com/search&blogLocale=ms&v=2&homepageUrl=http://izyan.com/&vt=5793014963771758051&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

http://yourjavascript.com/24211643151/jquery.easing.js

IEXPLORE.EXE

Remote address:

13.248.169.48:80

Request

GET /24211643151/jquery.easing.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yourjavascript.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: openresty
Date: Tue, 14 May 2024 17:15:41 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

IEXPLORE.EXE

Remote address:

172.217.20.202:80

Request

GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 85925
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 05:47:52 GMT
Expires: Sat, 10 May 2025 05:47:52 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 386869
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
DNS

www.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.132
GET

http://udsmuslim.googlepages.com/Stript-ad.js

IEXPLORE.EXE

Remote address:

172.217.20.179:80

Request

GET /Stript-ad.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: udsmuslim.googlepages.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://sites.google.com/site/udsmuslim/Stript-ad.js
Date: Tue, 14 May 2024 17:15:41 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 248
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET

http://fonts.googleapis.com/css?family=Oswald

IEXPLORE.EXE

Remote address:

142.250.178.138:80

Request

GET /css?family=Oswald HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 14 May 2024 17:15:41 GMT
Date: Tue, 14 May 2024 17:15:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

IEXPLORE.EXE

Remote address:

142.250.178.138:80

Request

GET /css?family=PT+Sans+Narrow HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 14 May 2024 17:15:41 GMT
Date: Tue, 14 May 2024 17:15:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
DNS

apis.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.75.238
DNS

2.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

2.bp.blogspot.com

IN A

Response

2.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

1.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

1.bp.blogspot.com

IN A

Response

1.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

4.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

4.bp.blogspot.com

IN A

Response

4.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

feeds.feedburner.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

feeds.feedburner.com

IN A

Response

feeds.feedburner.com

IN CNAME

www4.l.google.com

www4.l.google.com

IN A

142.250.178.142
DNS

widgets.amung.us

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

widgets.amung.us

IN A

Response

widgets.amung.us

IN A

104.22.74.171

widgets.amung.us

IN A

172.67.8.141

widgets.amung.us

IN A

104.22.75.171
GET

http://3.bp.blogspot.com/-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s1600/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s1600/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v6868"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Karyawan Beri Peringatan Kepada Soo Wincci.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 22683
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-tB6mTlD6HZo/URjVT15FQrI/AAAAAAAAcFw/XI7HTQO5lgY/s1600/izyancom1112.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-tB6mTlD6HZo/URjVT15FQrI/AAAAAAAAcFw/XI7HTQO5lgY/s1600/izyancom1112.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="izyancom1112.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 22306
X-XSS-Protection: 0
Date: Tue, 14 May 2024 17:15:42 GMT
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v705c"
Content-Type: image/png
Vary: Origin
Age: 0
GET

http://3.bp.blogspot.com/-jqp4fWe0rwo/VURiDvHQCVI/AAAAAAAAPis/YuBz9UUApH0/s1600/Siti%2BNurhaliza%2BSokong%2BTun%2BM.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-jqp4fWe0rwo/VURiDvHQCVI/AAAAAAAAPis/YuBz9UUApH0/s1600/Siti%2BNurhaliza%2BSokong%2BTun%2BM.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 817
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-Mdd51Ci5CCo/Ub-MF9H5RNI/AAAAAAAAhXY/AK_WSoBmtz8/s1600/BM4glc0CMAQI2Bm.jpg+large.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-Mdd51Ci5CCo/Ub-MF9H5RNI/AAAAAAAAhXY/AK_WSoBmtz8/s1600/BM4glc0CMAQI2Bm.jpg+large.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v8577"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="BM4glc0CMAQI2Bm.jpg large.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 36460
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-jqp4fWe0rwo/VURiDvHQCVI/AAAAAAAAPis/YuBz9UUApH0/s300-c/Siti%2BNurhaliza%2BSokong%2BTun%2BM.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-jqp4fWe0rwo/VURiDvHQCVI/AAAAAAAAPis/YuBz9UUApH0/s300-c/Siti%2BNurhaliza%2BSokong%2BTun%2BM.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 403 Forbidden

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:47 GMT
Server: fife
Content-Length: 858
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s300-c/540192_510253632380600_774544254_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s300-c/540192_510253632380600_774544254_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v89ef"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="540192_510253632380600_774544254_n.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 42406
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s1600/abby-abadi-masuk-pas.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s1600/abby-abadi-masuk-pas.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v963a"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="abby-abadi-masuk-pas.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 71697
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s300-c/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s300-c/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v6868"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Karyawan Beri Peringatan Kepada Soo Wincci.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 22272
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-jTw11lj4Q9o/UilVx4xjwGI/AAAAAAAAkNY/Y7aJ_9VGgFI/s1600/abby2.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-jTw11lj4Q9o/UilVx4xjwGI/AAAAAAAAkNY/Y7aJ_9VGgFI/s1600/abby2.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v90d7"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="abby2.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 131630
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s300-c/abby-abadi-masuk-pas.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s300-c/abby-abadi-masuk-pas.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v963a"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="abby-abadi-masuk-pas.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 38624
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s1600/540192_510253632380600_774544254_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s1600/540192_510253632380600_774544254_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v89ef"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="540192_510253632380600_774544254_n.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 65108
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-Mdd51Ci5CCo/Ub-MF9H5RNI/AAAAAAAAhXY/AK_WSoBmtz8/s300-c/BM4glc0CMAQI2Bm.jpg+large.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-Mdd51Ci5CCo/Ub-MF9H5RNI/AAAAAAAAhXY/AK_WSoBmtz8/s300-c/BM4glc0CMAQI2Bm.jpg+large.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v8577"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="BM4glc0CMAQI2Bm.jpg large.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 27985
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-zKnfvx3p4tw/T17EsygOsMI/AAAAAAAAALg/WHYxobQI9no/s1600/fb+sepia.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-zKnfvx3p4tw/T17EsygOsMI/AAAAAAAAALg/WHYxobQI9no/s1600/fb+sepia.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vb8"
Expires: Wed, 15 May 2024 17:15:50 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fb sepia.png"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:50 GMT
Server: fife
Content-Length: 11157
X-XSS-Protection: 0
GET

https://www.blogger.com/static/v1/widgets/3107131574-widgets.js

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/3107131574-widgets.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 37758
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 13 May 2024 08:46:59 GMT
Expires: Tue, 13 May 2025 08:46:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 07 Jun 2016 08:59:52 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 116923
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

u-sup.googlecode.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

u-sup.googlecode.com

IN A

Response

u-sup.googlecode.com

IN CNAME

googlecode.l.googleusercontent.com

googlecode.l.googleusercontent.com

IN A

172.217.218.82
GET

http://cdn.innity.net/admanager.js

IEXPLORE.EXE

Remote address:

23.212.201.53:80

Request

GET /admanager.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: cdn.innity.net
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: Apache
Last-Modified: Thu, 25 Apr 2024 07:48:53 GMT
ETag: "31eb-616e704bcc340-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 4247
Content-Type: application/javascript
Cache-Control: max-age=86400
Expires: Wed, 15 May 2024 17:15:41 GMT
Date: Tue, 14 May 2024 17:15:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

http://cdn.innity.net/network.js

IEXPLORE.EXE

Remote address:

23.212.201.53:80

Request

GET /network.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: cdn.innity.net
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: Apache
Last-Modified: Thu, 15 Mar 2018 07:39:17 GMT
ETag: "285c-5676e96c35340-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3290
Content-Type: application/javascript
Cache-Control: max-age=86400
Expires: Wed, 15 May 2024 17:15:41 GMT
Date: Tue, 14 May 2024 17:15:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://img1.blogblog.com/img/icon18_wrench_allbkg.png

IEXPLORE.EXE

Remote address:

142.250.201.169:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: img1.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 475
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 17:21:28 GMT
Expires: Thu, 16 May 2024 17:21:28 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 09 May 2024 14:53:06 GMT
Content-Type: image/png
Age: 431657
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://www.google.com/cse/brand?form=cse-search-box&lang=en

IEXPLORE.EXE

Remote address:

142.250.178.132:80

Request

GET /cse/brand?form=cse-search-box&lang=en HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.gstatic.com/prose/brandjs.js
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
Date: Tue, 14 May 2024 17:05:13 GMT
Expires: Tue, 14 May 2024 17:35:13 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 628
GET

https://2.bp.blogspot.com/-2CHmtk5rT88/VDgPHt8IfkI/AAAAAAAAfVw/e_phRPo8O7Q/w72-h72-p-nu/Mazuin_Hamzah.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-2CHmtk5rT88/VDgPHt8IfkI/AAAAAAAAfVw/e_phRPo8O7Q/w72-h72-p-nu/Mazuin_Hamzah.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v7d5d"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Mazuin_Hamzah.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 3733
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://2.bp.blogspot.com/-xyTNgg2aMm0/VxlTt-h1PlI/AAAAAAABLv8/gQEi0Fc6be4JCldc6EF-C6R5W1nw3gOngCLcB/w72-h72-p-nu/ddd.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-xyTNgg2aMm0/VxlTt-h1PlI/AAAAAAABLv8/gQEi0Fc6be4JCldc6EF-C6R5W1nw3gOngCLcB/w72-h72-p-nu/ddd.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v12f00"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ddd.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 3474
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://2.bp.blogspot.com/-OnJuyeT4OQQ/VRHVZ0uqrSI/AAAAAAAA5kY/lUGDtfPVmT4/s1600/julia%2B2015.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-OnJuyeT4OQQ/VRHVZ0uqrSI/AAAAAAAA5kY/lUGDtfPVmT4/s1600/julia%2B2015.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "ve655"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="julia 2015.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 38030
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-R5qR9RpyfXM/UPVa763hx6I/AAAAAAAAAY8/270QL3QZCRk/s1600/pasang-banner125-2.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-R5qR9RpyfXM/UPVa763hx6I/AAAAAAAAAY8/270QL3QZCRk/s1600/pasang-banner125-2.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v18f"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pasang-banner125-2.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 5281
X-XSS-Protection: 0
GET

https://2.bp.blogspot.com/-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s1600/110.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s1600/110.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v129be"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="110.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 65561
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://1.bp.blogspot.com/--pUd3fL8Z54/U6j2LM3n19I/AAAAAAAAuo0/--ORb_wBZQc/s1600/083829sl66gg26v633484a.jpg.thumb_-421x750.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /--pUd3fL8Z54/U6j2LM3n19I/AAAAAAAAuo0/--ORb_wBZQc/s1600/083829sl66gg26v633484a.jpg.thumb_-421x750.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vba8e"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="083829sl66gg26v633484a.jpg.thumb_-421x750.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 106010
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s1600/10351886_10152268730944998_483730337496102856_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s1600/10351886_10152268730944998_483730337496102856_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vbaa9"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10351886_10152268730944998_483730337496102856_n.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 101297
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s1600/1525476_672706896113537_1649771195_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s1600/1525476_672706896113537_1649771195_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:53 GMT
Server: fife
Content-Length: 1730
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s1600/1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s1600/1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v10cdb"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 77524
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s300-c/1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s300-c/1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v10cdb"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 32596
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s640/abby+abadi+001.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s640/abby+abadi+001.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s1600/Hairie.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s1600/Hairie.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v980b"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Hairie.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 47373
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s1600/Dayangku_Intan.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s1600/Dayangku_Intan.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v9e9a"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Dayangku_Intan.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 31600
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s1600/Zed+Zaidi.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s1600/Zed+Zaidi.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vbc3e"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Zed Zaidi.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 58748
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s1600/1234483_675369299154585_1095120428_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s1600/1234483_675369299154585_1095120428_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v9486"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1234483_675369299154585_1095120428_n.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 32609
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s1600/abby1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s1600/abby1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v90d4"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="abby1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 71134
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s1600/unnamedUMNO-5.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s1600/unnamedUMNO-5.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vd5c8"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamedUMNO-5.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 99394
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s1600/kazim%2Belias.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s1600/kazim%2Belias.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vcb6d"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="kazim elias.png"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 34261
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-zlj_y28jSdM/UVWWghuhwbI/AAAAAAAAevo/Ydgmq2NCngo/s1600/image.php.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-zlj_y28jSdM/UVWWghuhwbI/AAAAAAAAevo/Ydgmq2NCngo/s1600/image.php.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="image.php.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1346
X-XSS-Protection: 0
Date: Tue, 14 May 2024 17:15:42 GMT
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v7afb"
Content-Type: image/png
Vary: Origin
Age: 0
GET

http://4.bp.blogspot.com/-ouMM0EJCH_I/UilVxvJMfQI/AAAAAAAAkNM/Iha4GdCDGA8/s1600/abby3.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-ouMM0EJCH_I/UilVxvJMfQI/AAAAAAAAkNM/Iha4GdCDGA8/s1600/abby3.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v90d5"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="abby3.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 118218
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-MBsaYgp12PE/UjJix4AUViI/AAAAAAAAkZE/Sg07I7A9p8M/s1600/zed+umno.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-MBsaYgp12PE/UjJix4AUViI/AAAAAAAAkZE/Sg07I7A9p8M/s1600/zed+umno.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v9192"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="zed umno.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 113116
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s300-c/amydddza21.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s300-c/amydddza21.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vafec"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="amydddza21.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 40499
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s1600/amydddza21.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s1600/amydddza21.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vafec"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="amydddza21.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 51829
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s300-c/kazim%2Belias.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s300-c/kazim%2Belias.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vcb6d"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="kazim elias.png"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 102712
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-Bt0JYGRHfpk/T7ZpN5RNSQI/AAAAAAAAGJQ/zQtrWVZwgHA/s1600/bullet.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-Bt0JYGRHfpk/T7ZpN5RNSQI/AAAAAAAAGJQ/zQtrWVZwgHA/s1600/bullet.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bullet.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 371
X-XSS-Protection: 0
Date: Tue, 14 May 2024 17:07:52 GMT
Expires: Wed, 15 May 2024 17:07:52 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 478
ETag: "v1894"
Content-Type: image/png
Vary: Origin
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Tue, 14 May 2024 17:15:43 GMT
Expires: Tue, 14 May 2024 17:15:43 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "80d5c9d57d5f206f"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 55813
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 13 May 2024 18:40:04 GMT
Expires: Tue, 13 May 2025 18:40:04 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 81342
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/platform:gapi.iframes.style.common.js

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/navbar.g?targetBlogID=8818583053934446931&blogName=Gossip+Artis+Malaysia+%7C+Gambar+Artis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://izyan.com/search&blogLocale=ms&v=2&homepageUrl=http://izyan.com/&vt=5793014963771758051&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Tue, 14 May 2024 17:15:47 GMT
Expires: Tue, 14 May 2024 17:15:47 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "1df5d68c1707a051"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/navbar.g?targetBlogID=8818583053934446931&blogName=Gossip+Artis+Malaysia+%7C+Gambar+Artis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://izyan.com/search&blogLocale=ms&v=2&homepageUrl=http://izyan.com/&vt=5793014963771758051&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 45677
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 04:30:54 GMT
Expires: Sat, 10 May 2025 04:30:54 GMT
Cache-Control: public, max-age=31536000
Age: 391493
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 15190
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 22:01:12 GMT
Expires: Fri, 09 May 2025 22:01:12 GMT
Cache-Control: public, max-age=31536000
Age: 414874
Last-Modified: Mon, 15 Apr 2024 18:15:45 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://widgets.amung.us/tab.js

IEXPLORE.EXE

Remote address:

104.22.74.171:80

Request

GET /tab.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: widgets.amung.us
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:41 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 12 Jan 2023 17:19:30 GMT
etag: W/"63c04122-728a"
expires: Wed, 15 May 2024 16:18:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 3456
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 883c8822ea85a01a-AMS
alt-svc: h3=":443"; ma=86400
GET

http://feeds.feedburner.com/izyan/axLL?format=sigpro

IEXPLORE.EXE

Remote address:

142.250.178.142:80

Request

GET /izyan/axLL?format=sigpro HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: feeds.feedburner.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Sat, 11 May 2024 14:59:24 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:42 GMT
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Content-Security-Policy: script-src 'nonce-dhamK4gYRPoi5qu6tPN9Vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Cross-Origin-Opener-Policy: same-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Resource-Policy: same-site
reporting-endpoints: default="/_/RaichuFeedServer/web-reports?context=eJzjEtDikmLw0pBicEqfwRoCxELcHPt29G1iE9jRdk9DyTIpvzA-sTQlM1-3oDQpJ7M4I7WoWBcoqFuUmJmcUaqblpqaUpxaVJZaFG9kYGRiYGpopGdgEV9gAAD5eR04"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/GossipArtisMalaysia?format=sigpro

IEXPLORE.EXE

Remote address:

142.250.178.142:80

Request

GET /GossipArtisMalaysia?format=sigpro HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: feeds.feedburner.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Sun, 12 May 2024 06:33:07 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:42 GMT
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-site
Content-Security-Policy: script-src 'nonce-S1CEG_4hgJhvNtugd7IJDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/RaichuFeedServer/web-reports?context=eJzjEtDikmJw0JBicEqfwRoCxELcHPt29G1iE5jRuUZdyTIpvzA-sTQlM1-3oDQpJ7M4I7WoWBcoqFuUmJmcUaqblpqaUpxaVJZaFG9kYGRiYGpopGdgEV9gAADi5Rze"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://u-sup.googlecode.com/files/page_num.js

IEXPLORE.EXE

Remote address:

172.217.218.82:80

Request

GET /files/page_num.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: u-sup.googlecode.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1578
Date: Tue, 14 May 2024 17:15:42 GMT
DNS

sites.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

sites.google.com

IN A

Response

sites.google.com

IN A

142.250.179.110
GET

http://sites.google.com/site/udsmuslim/Stript-ad.js

IEXPLORE.EXE

Remote address:

142.250.179.110:80

Request

GET /site/udsmuslim/Stript-ad.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sites.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

Location: https://sites.google.com/site/udsmuslim/Stript-ad.js
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 14 May 2024 17:15:42 GMT
Expires: Tue, 14 May 2024 17:15:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 210
Server: GSE
GET

https://sites.google.com/site/udsmuslim/Stript-ad.js

IEXPLORE.EXE

Remote address:

142.250.179.110:443

Request

GET /site/udsmuslim/Stript-ad.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sites.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

Content-Type: text/html; charset=UTF-8
Location: https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fudsmuslim%2FStript-ad.js
Content-Encoding: gzip
Date: Tue, 14 May 2024 17:15:43 GMT
Expires: Tue, 14 May 2024 17:15:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fudsmuslim%2FStript-ad.js

IEXPLORE.EXE

Remote address:

142.250.179.110:443

Request

GET /site/sites/system/errors/WebspaceNotFound?path=%2Fudsmuslim%2FStript-ad.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: sites.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY
Last-Modified: Wed, 01 May 2024 21:49:40 GMT
ETag: "1714600180000|#public|0|en|||0|883462680|632050527"
Location: https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js
Content-Encoding: gzip
Date: Tue, 14 May 2024 17:15:43 GMT
Expires: Tue, 14 May 2024 17:15:43 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://1.bp.blogspot.com/-bdkgj9F28s4/Vw1_ipFkuXI/AAAAAAABLb4/trKBA45UB9cojLc9ZNqbwPmuc4O4Ree0gCLcB/s1600/Banner-Dolla-Cantik.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-bdkgj9F28s4/Vw1_ipFkuXI/AAAAAAABLb4/trKBA45UB9cojLc9ZNqbwPmuc4O4Ree0gCLcB/s1600/Banner-Dolla-Cantik.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v12dc1"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Banner-Dolla-Cantik.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 62652
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-bCR4Kik5s2Y/VyFDRmU2LNI/AAAAAAABL90/O1mJmj_iJ88ullMabsvXjPlg6XBqXuZPwCLcB/w72-h72-p-nu/1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-bCR4Kik5s2Y/VyFDRmU2LNI/AAAAAAABL90/O1mJmj_iJ88ullMabsvXjPlg6XBqXuZPwCLcB/w72-h72-p-nu/1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v12fe3"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 2958
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-VV_rreaByTA/VyFAzeytE3I/AAAAAAABL9o/nqjOxYWLHNoHdbG0yLLQhxYks_GYFtcngCLcB/w72-h72-p-nu/%2528PNG%2BImage%252C%2B854%25C2%25A0%25C3%2597%25C2%25A0476%2Bpixels.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-VV_rreaByTA/VyFAzeytE3I/AAAAAAABL9o/nqjOxYWLHNoHdbG0yLLQhxYks_GYFtcngCLcB/w72-h72-p-nu/%2528PNG%2BImage%252C%2B854%25C2%25A0%25C3%2597%25C2%25A0476%2Bpixels.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v12fdb"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="(PNG Image, 854___476 pixels.jpg";filename*=UTF-8''(PNG%20Image%2C%20854%C2%A0%C3%97%C2%A0476%20pixels.jpg
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 2822
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://4.bp.blogspot.com/-kL_hdyQTZ3A/Ub-MI3LG-sI/AAAAAAAAhXg/mPiKL4n-FLA/s1600/Snap2.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-kL_hdyQTZ3A/Ub-MI3LG-sI/AAAAAAAAhXg/mPiKL4n-FLA/s1600/Snap2.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v8579"
Expires: Wed, 15 May 2024 17:15:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Snap2.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:42 GMT
Server: fife
Content-Length: 78237
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s300-c/unnamedUMNO-5.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s300-c/unnamedUMNO-5.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vd5c8"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamedUMNO-5.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 36075
X-XSS-Protection: 0
GET

https://1.bp.blogspot.com/-lxBrhYmFa4c/VygW80bf50I/AAAAAAABMDo/fXlZUF0JvEECLblagqlYt3857EmctLfewCLcB/w72-h72-p-nu/1111.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-lxBrhYmFa4c/VygW80bf50I/AAAAAAABMDo/fXlZUF0JvEECLblagqlYt3857EmctLfewCLcB/w72-h72-p-nu/1111.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1303b"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1111.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 4807
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://4.bp.blogspot.com/-2a8ajEFBlOM/Vz3FysfC0YI/AAAAAAABMtI/W4R9z4eF1Sc4n95tikFlQa5sMjZeYxr5QCLcB/s1600/980x40_euro.gif

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-2a8ajEFBlOM/Vz3FysfC0YI/AAAAAAABMtI/W4R9z4eF1Sc4n95tikFlQa5sMjZeYxr5QCLcB/s1600/980x40_euro.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v132d3"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="980x40_euro.gif"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 125000
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://3.bp.blogspot.com/-JJFGPfkthEA/VzpJ_3C3THI/AAAAAAABMng/1NjoZLKDpyAVPY_evkVfPOfysXCpOn6OACLcB/s72-c/neelofa%2B1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-JJFGPfkthEA/VzpJ_3C3THI/AAAAAAABMng/1NjoZLKDpyAVPY_evkVfPOfysXCpOn6OACLcB/s72-c/neelofa%2B1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1327b"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="neelofa 1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 4060
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://4.bp.blogspot.com/-r7i7zuTSwok/VyqBKHhdNkI/AAAAAAABMG8/Jrp-t-8sF1kzvXKMKnYkCRZvsqvt0rfVwCLcB/w72-h72-p-nu/qwq.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-r7i7zuTSwok/VyqBKHhdNkI/AAAAAAABMG8/Jrp-t-8sF1kzvXKMKnYkCRZvsqvt0rfVwCLcB/w72-h72-p-nu/qwq.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v13071"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="qwq.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 3477
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-72HTnzIJkKU/VzJfnx8wZnI/AAAAAAABMb4/MgSURnmodMMnPczwA07gExmswWa2-Q5aACLcB/w72-h72-p-nu/1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-72HTnzIJkKU/VzJfnx8wZnI/AAAAAAABMb4/MgSURnmodMMnPczwA07gExmswWa2-Q5aACLcB/w72-h72-p-nu/1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v131c0"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 4300
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://4.bp.blogspot.com/-QzcO8-VceyY/Vyp6uoVS8yI/AAAAAAABMGU/NUHEq8V70cQp8q7CxdJNYckHiEn4ghNFgCLcB/w72-h72-p-nu/1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-QzcO8-VceyY/Vyp6uoVS8yI/AAAAAAABMGU/NUHEq8V70cQp8q7CxdJNYckHiEn4ghNFgCLcB/w72-h72-p-nu/1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v13067"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 3285
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://1.bp.blogspot.com/-Rag4i6XK2cQ/VzUU30ZIMTI/AAAAAAABMgA/Q31LWoiD8ToBLunUy_kQPPSJ8qF4V3PygCLcB/s72-c/4.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-Rag4i6XK2cQ/VzUU30ZIMTI/AAAAAAABMgA/Q31LWoiD8ToBLunUy_kQPPSJ8qF4V3PygCLcB/s72-c/4.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v13202"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="4.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 2661
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://2.bp.blogspot.com/-Bif-NI8p6Nw/Vzf9n36e7tI/AAAAAAABMjI/cCp3Tzx-i8o8jol_I3GMZr1MMra-8G9KgCLcB/s72-c/11.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-Bif-NI8p6Nw/Vzf9n36e7tI/AAAAAAABMjI/cCp3Tzx-i8o8jol_I3GMZr1MMra-8G9KgCLcB/s72-c/11.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v13235"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="11.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 3790
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://2.bp.blogspot.com/-kzmcoeFR6K0/VzkMFoG6ILI/AAAAAAABMkE/o4Tfpf0QPtE8JorN5IHCkezvXghRKfhFwCLcB/s72-c/GAMBAR-NIKAH-HAFIDZ-ROSHDI-DAN-NURUL-SHUHADA-3.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-kzmcoeFR6K0/VzkMFoG6ILI/AAAAAAABMkE/o4Tfpf0QPtE8JorN5IHCkezvXghRKfhFwCLcB/s72-c/GAMBAR-NIKAH-HAFIDZ-ROSHDI-DAN-NURUL-SHUHADA-3.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v13242"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="GAMBAR-NIKAH-HAFIDZ-ROSHDI-DAN-NURUL-SHUHADA-3.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 3993
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

accounts.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

173.194.69.84
GET

https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:EqQN1BIaZeWcqen1iPeAnX9-19L5rw:mlygEQz9Z1LdU9nV; Expires=Thu, 14-May-2026 17:15:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:43 GMT
Location: https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&passive=1209600&service=jotspot&ifkv=AaSxoQwv5mEM8R7LJv84emQqoBx5zFRBKWN6LpyHV3bHSSEOfbTuLq2_dcLsoIA_ajBeBqL3C-IhsQ
Strict-Transport-Security: max-age=31536000; includeSubDomains
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Security-Policy: script-src 'nonce-RErtxHcBeo3VXbpPem6vzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: unsafe-none
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&passive=1209600&service=jotspot&ifkv=AaSxoQwv5mEM8R7LJv84emQqoBx5zFRBKWN6LpyHV3bHSSEOfbTuLq2_dcLsoIA_ajBeBqL3C-IhsQ

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&passive=1209600&service=jotspot&ifkv=AaSxoQwv5mEM8R7LJv84emQqoBx5zFRBKWN6LpyHV3bHSSEOfbTuLq2_dcLsoIA_ajBeBqL3C-IhsQ HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:EqQN1BIaZeWcqen1iPeAnX9-19L5rw:mlygEQz9Z1LdU9nV

Response

HTTP/1.1 302 Moved Temporarily

Content-Type: text/html; charset=UTF-8
X-Frame-Options: DENY
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:43 GMT
Location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&ifkv=AaSxoQxoTjzsg0Gyv-gr3m_T6vBQS8A-KvXKTSXMgEFuQruwlVSN665DmZKWfpxMpXzh-CZ5jefUAQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1458902549%3A1715706943717717&ddm=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: require-trusted-types-for 'script';report-uri /cspreport
Content-Security-Policy: script-src 'nonce-oLV51OiNoY53Fie7Q_7fYw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_gse_qebhlk"
Report-To: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&ifkv=AaSxoQxoTjzsg0Gyv-gr3m_T6vBQS8A-KvXKTSXMgEFuQruwlVSN665DmZKWfpxMpXzh-CZ5jefUAQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1458902549%3A1715706943717717&ddm=0

IEXPLORE.EXE

Remote address:

173.194.69.84:443

Request

GET /v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&ifkv=AaSxoQxoTjzsg0Gyv-gr3m_T6vBQS8A-KvXKTSXMgEFuQruwlVSN665DmZKWfpxMpXzh-CZ5jefUAQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1458902549%3A1715706943717717&ddm=0 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:EqQN1BIaZeWcqen1iPeAnX9-19L5rw:mlygEQz9Z1LdU9nV

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
X-Frame-Options: DENY
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-auto-login: realm=com.google&args=service%3Djotspot%26continue%3Dhttps://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%253D/udsmuslim/Stript-ad.js
Link: <https://www.google.com/intl/en-US/work/apps/business/products/sites/>; rel="canonical"
x-ua-compatible: IE=edge
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 14 May 2024 17:15:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
Content-Security-Policy: script-src 'nonce-01nLKdnP0HJVYXX_Qe2FPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self'
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="AccountsSignInUi"
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Report-To: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
Cross-Origin-Resource-Policy: same-site
reporting-endpoints: default="/v3/signin/_/AccountsSignInUi/web-reports?context=eJzjmsOoxSXFEKQhxbBXaReTY-wTJlcgXv7-KdNqII5Z9YwpAYgPxj1nOgrEbxNeMH0E4q7WF0x9QLy55wXTdiCexvOSaRYQH9n-kukEEEt8fcmkBsTyv6azKgOxU_oM1gAg9qmfwRoFxK03z7FOBuKkf-dZC4B4lsUF1nlA3P75AutUIE7Vv8iaCcRCPBz7d_RtYhNoWPC7iRkAGhVOAg"
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://2.bp.blogspot.com/-XM_iw41C-Os/Vzf8MKoEdYI/AAAAAAABMi4/siD_wd81d_UI9tEnguVaxKZXIVt2Ib3pACLcB/s72-c/111.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-XM_iw41C-Os/Vzf8MKoEdYI/AAAAAAABMi4/siD_wd81d_UI9tEnguVaxKZXIVt2Ib3pACLcB/s72-c/111.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1322f"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="111.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 4009
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://2.bp.blogspot.com/-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s300-c/110.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s300-c/110.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v129be"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="110.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 27681
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://2.bp.blogspot.com/-SpU_LgPopnw/VzungTvaCoI/AAAAAAABMoA/uE2tr5Wy50k_uQEtXu9BdbHKIyL1pct9gCLcB/s72-c/Fasha.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:443

Request

GET /-SpU_LgPopnw/VzungTvaCoI/AAAAAAABMoA/uE2tr5Wy50k_uQEtXu9BdbHKIyL1pct9gCLcB/s72-c/Fasha.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v13281"
Expires: Wed, 15 May 2024 17:15:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Fasha.png"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:43 GMT
Server: fife
Content-Length: 12511
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

as.innity.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

as.innity.com

IN A

Response

as.innity.com

IN A

149.129.240.178
GET

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

IEXPLORE.EXE

Remote address:

172.217.20.163:80

Request

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15512
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 07:48:20 GMT
Expires: Sat, 10 May 2025 07:48:20 GMT
Cache-Control: public, max-age=31536000
Age: 379644
Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
Content-Type: font/woff
GET

http://as.innity.com/synd/?cb=1715706942192&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54487&output=js&flash=0&width=728&height=90&vpw=1280&vph=609&auction=107e94a8-a5509fbc

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706942192&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54487&output=js&flash=0&width=728&height=90&vpw=1280&vph=609&auction=107e94a8-a5509fbc HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:45 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Tue, 14 May 2024 17:15:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=ee1c4a787c3daa19b0692cd57452fbd6; expires=Thu, 14-May-2026 17:15:45 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Content-Length: 0
Content-Type: text/javascript; charset=utf-8
GET

http://as.innity.com/synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive
GET

http://as.innity.com/synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:46 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Tue, 14 May 2024 17:15:46 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=bae005e9963a019d0efe2835d1768154; expires=Thu, 14-May-2026 17:15:46 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Content-Length: 0
Content-Type: text/javascript; charset=utf-8
GET

http://as.innity.com/synd/?cb=1715706944818&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54531&output=js&flash=0&width=300&height=250&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706944818&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54531&output=js&flash=0&width=300&height=250&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:47 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Tue, 14 May 2024 17:15:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=7a90c036b0aca17c5faec53c519cd176; expires=Thu, 14-May-2026 17:15:47 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Content-Length: 0
Content-Type: text/javascript; charset=utf-8
GET

http://as.innity.com/synd/?cb=1715706945350&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54489&output=js&flash=0&width=468&height=60&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706945350&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54489&output=js&flash=0&width=468&height=60&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:47 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Tue, 14 May 2024 17:15:47 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=1365992bdbf68fc90ade4527c795c534; expires=Thu, 14-May-2026 17:15:47 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Content-Length: 0
Content-Type: text/javascript; charset=utf-8
GET

http://as.innity.com/synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive
GET

https://www.google.com/cse/static/images/1x/en/branding.png

IEXPLORE.EXE

Remote address:

142.250.178.132:443

Request

GET /cse/static/images/1x/en/branding.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="prose-team"
Report-To: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
Content-Length: 1556
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 03:17:06 GMT
Expires: Sat, 10 May 2025 03:17:06 GMT
Cache-Control: public, max-age=31536000
Age: 395921
Last-Modified: Thu, 07 Dec 2023 21:00:00 GMT
Content-Type: image/png
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://2.bp.blogspot.com/-lZNK3ZWqsIM/UQKrZgj0PXI/AAAAAAAABRY/emAG0Cevy6E/s1600/arrow_white.gif

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-lZNK3ZWqsIM/UQKrZgj0PXI/AAAAAAAABRY/emAG0Cevy6E/s1600/arrow_white.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="arrow_white.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 59
X-XSS-Protection: 0
Date: Tue, 14 May 2024 15:10:26 GMT
Expires: Wed, 15 May 2024 15:10:26 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 7520
ETag: "va2d"
Content-Type: image/gif
Vary: Origin
GET

http://2.bp.blogspot.com/-OnJuyeT4OQQ/VRHVZ0uqrSI/AAAAAAAA5kY/lUGDtfPVmT4/s300-c/julia%2B2015.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-OnJuyeT4OQQ/VRHVZ0uqrSI/AAAAAAAA5kY/lUGDtfPVmT4/s300-c/julia%2B2015.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "ve655"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="julia 2015.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 23051
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s300-c/Hairie.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s300-c/Hairie.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v980b"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Hairie.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 34869
X-XSS-Protection: 0
DNS

www.facebook.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

163.70.151.35
DNS

www.youtube.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

216.58.214.78

youtube-ui.l.google.com

IN A

142.250.75.238

youtube-ui.l.google.com

IN A

216.58.214.174

youtube-ui.l.google.com

IN A

172.217.20.174

youtube-ui.l.google.com

IN A

172.217.20.206

youtube-ui.l.google.com

IN A

142.250.179.78

youtube-ui.l.google.com

IN A

142.250.179.110

youtube-ui.l.google.com

IN A

142.250.178.142

youtube-ui.l.google.com

IN A

142.250.201.174

youtube-ui.l.google.com

IN A

172.217.18.206
GET

http://2.bp.blogspot.com/-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s300-c/10351886_10152268730944998_483730337496102856_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s300-c/10351886_10152268730944998_483730337496102856_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vbaa9"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10351886_10152268730944998_483730337496102856_n.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 35379
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-4OlzmZgWEAE/T2wsT570TSI/AAAAAAAAAGw/GMbts8E_5dw/s1600/bg-home.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-4OlzmZgWEAE/T2wsT570TSI/AAAAAAAAAGw/GMbts8E_5dw/s1600/bg-home.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bg-home.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 892
X-XSS-Protection: 0
Date: Tue, 14 May 2024 17:15:49 GMT
Expires: Wed, 15 May 2024 17:15:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v6c"
Content-Type: image/png
Vary: Origin
Age: 0
GET

http://2.bp.blogspot.com/-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s300-c/1525476_672706896113537_1649771195_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s300-c/1525476_672706896113537_1649771195_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:53 GMT
Server: fife
Content-Length: 1730
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s300-c/Dayangku_Intan.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s300-c/Dayangku_Intan.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v9e9a"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Dayangku_Intan.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 28313
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s300-c/abby+abadi+001.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s300-c/abby+abadi+001.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:56 GMT
Server: fife
Content-Length: 896
X-XSS-Protection: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:80

Request

GET /plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 May 2024 17:15:48 GMT
Connection: keep-alive
Content-Length: 0
GET

http://1.bp.blogspot.com/-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s300-c/Zed+Zaidi.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s300-c/Zed+Zaidi.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vbc3e"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Zed Zaidi.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 28714
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s300-c/1234483_675369299154585_1095120428_n.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s300-c/1234483_675369299154585_1095120428_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v9486"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1234483_675369299154585_1095120428_n.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 31453
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-MBsaYgp12PE/UjJix4AUViI/AAAAAAAAkZE/Sg07I7A9p8M/s300-c/zed+umno.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-MBsaYgp12PE/UjJix4AUViI/AAAAAAAAkZE/Sg07I7A9p8M/s300-c/zed+umno.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v9192"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="zed umno.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 38392
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-O3HOVJkubI8/T17FOcKcXEI/AAAAAAAAALw/zGnWePejV74/s1600/twitter.png

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-O3HOVJkubI8/T17FOcKcXEI/AAAAAAAAALw/zGnWePejV74/s1600/twitter.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vbc"
Expires: Wed, 15 May 2024 17:15:50 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="twitter.png"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:50 GMT
Server: fife
Content-Length: 10551
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s300-c/abby1.jpg

IEXPLORE.EXE

Remote address:

142.250.179.97:80

Request

GET /-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s300-c/abby1.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v90d4"
Expires: Wed, 15 May 2024 17:15:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="abby1.jpg"
X-Content-Type-Options: nosniff
Date: Tue, 14 May 2024 17:15:48 GMT
Server: fife
Content-Length: 29254
X-XSS-Protection: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: lgGdzhwH9InaD4Zet/nQKKTvg0tEejDXuAv1lSySShMXDqYZ1OnD0Hv5FnhNLR3zjoBGNTH6/GwRMqCDj+oTHw==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=10, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: lSqTSErIG4ZPSiquPvX89lLqFL6gjmLK3CcP/dGGeU9QGBHKR1POOjg71fFWWTSpFW63oY6HczIizPRkVKM60g==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=10, mss=1357, tbw=6500, tp=-1, tpl=-1, uplat=15, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: jQuc8omFxlrPCTviuoT66OnFLwdxYo5dvCc5FKpyKsNGgfMU6mqn1p593be/8kdBNzDnEIWgmkfWYm8qCtglvA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=10, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=18, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: 4/dqtgMpTnlWPwRGd0lASr0iv3HEGmvZha34X28K8qs+itCTDZxkUv8ibgmYSpU1jn55AaTfg1ve0L8AjphFjA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=34, rtx=1, c=10, mss=1357, tbw=6500, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: uuv3BMrEMQw5PTAm2QGpYSxoV+yTKGE8uXLUwyw4RF3fk/ZdZrXCd+ysp1FqAB4l1Hn63kW5ej2w9lRpcfQ6mg==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=36, rtx=1, c=10, mss=1357, tbw=9778, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: zC/9Kr7wAM47QNAADDKhz3zgoFwWm+XwZXTiZfl9hsWm12h7P2dXSDh0VDWmRmxjja9J9vZp16/NDiV5cOCNcA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=37, rtx=1, c=10, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=19, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: e2in47K1WmNk8YTarfsP8xkWDfDpppH/JZ8Zj/FQgJLqHU0QLz9nzeT0XegCfSv4QTz7aKx6X2/jxlCk0glFkQ==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=36, rtx=1, c=10, mss=1357, tbw=6500, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: 54tFu8ATPhKj5m+Lc8Uuu4w7dHg9heGzU0t/B7Y/uOzFDVhkOsJ7dDQHxqBTjGOaKQOZw8r+CLSsPYPlwjx3Vg==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=33, rtx=1, c=10, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=16, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: L7OY8CBvOP3YW56wRAHSyqBC0yNZIZfG3nsm6rViFmPMDIVtoetyIT3yIf0kWjfi45RFaVcIJdSx3J3lzMIwAA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=33, rtx=1, c=10, mss=1357, tbw=6499, tp=-1, tpl=-1, uplat=16, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: GrF+EpL4PkSBzaLmOnYnRF6KoUDcrhZTVw1Wu3nqEl0EDjlC4SSt5UxNrtN3lT1Ry1pAYqPVQo+uMscjDfOg2A==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=10, mss=1357, tbw=9777, tp=-1, tpl=-1, uplat=18, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: TzVqP/W74UrFZ4SatgMn/CCxhuqsx8ZorVczm2mqc9nYO+oHssy7crV7zyMJYQhpI/TMxVDPzkxaf/VYzkQuDg==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=37, rtx=1, c=10, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=15, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: snK0WaQ8NmtpDxd7kkPUa0YIrKvaGMgyai3Xw90jZVzGkiqmPbLv3fBOjQvBkZNGLAcr/1Mw/oZ/0EtIeA7X+g==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=10, mss=1357, tbw=6501, tp=-1, tpl=-1, uplat=18, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: OWr4R1ik6Y+YoigUVoGej7uWOwfK1DyG4+g65v0MU20wg6R5lMcGisGrn3Dl75Nt1miRKQl9KZayza61YFjweA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=10, mss=1357, tbw=9779, tp=-1, tpl=-1, uplat=19, ullat=1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: c5rvsrfIZMB5nM/GehbAc+CveCcCBWm4LDKfqz8IENdRWm/ZvGdpdYVtk3pyO6k2C/MfgNb6xpmU0u1C+kakEA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=17, ullat=1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: F4ZkiY8ctyo15zFzXKK22J5u18+Ot9eY1Db3SgVsZz8vAkwCbSBrXOzX4eXHRIVkZtSfTwMuQrpZSqXm9MjxGQ==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1357, tbw=3414, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: +3hqnVueVOGGEc7298ZELCdonFzABgYGGGEtWUfHJ+8MQkhj1mF9HUUj38Of+ardztOowRd/Cz3OjywrEMzISg==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: /SoJRSKokT1pFzFpL/JJXNt4WgWr9Xo3v91Dkt3tL0PgRfTlJSQ3ujmGDw2GwmW4Gk9msbmVdLQrS214+niyPg==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1357, tbw=3414, tp=-1, tpl=-1, uplat=18, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: yrEgdcBTCa4/2p1//BhDxjKA+UYx/U1mwJhIbUg92LHxz73+Hs/TiR5WcPzhAqJIlUR/l2Dsg7CCw/yv0Pb11g==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1357, tbw=6692, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

http://as.innity.com/synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Request

GET /synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: as.innity.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:49 GMT
Server: Apache
Expires: Sat, 03 Sep 1983 02:00:00 GMT
Last-Modified: Tue, 14 May 2024 17:15:49 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Set-Cookie: iUUID=a72edbaf6580ef1b28412c43ff4e422b; expires=Thu, 14-May-2026 17:15:49 GMT; Max-Age=63072000; path=/; SameSite=None; Secure; domain=innity.com
Content-Length: 0
Content-Type: text/javascript; charset=utf-8
DNS

IEXPLORE.EXE

Remote address:

149.129.240.178:80

Response

HTTP/1.0 408 Request Time-out

Cache-Control: no-cache
Connection: close
Content-Type: text/html
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: ZH+CgmVu3kTapk8cQTBTew8D4aduXBlN2YDlXitlgIUZg/gNviGYesPU1YGm4qOlH8BJmcoocaW+3cSywkzewg==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=10, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=16, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

IEXPLORE.EXE

Remote address:

163.70.151.35:443

Request

GET /plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: wt5CSL25IGpBNvnecYHWaBHqf6mlWxUfNT50fD9zGjLrOM9Gyr1jrMHVJ4IcoTlTkrGlpa9t7ufe8Q4KeQH4QA==
Date: Tue, 14 May 2024 17:15:49 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1357, tbw=137, tp=-1, tpl=-1, uplat=17, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
DNS

s10.histats.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

s10.histats.com

IN A

Response

s10.histats.com

IN CNAME

s10.histats.com.cdn.cloudflare.net

s10.histats.com.cdn.cloudflare.net

IN A

104.20.19.71

s10.histats.com.cdn.cloudflare.net

IN A

104.20.18.71
GET

http://s10.histats.com/js15.js

IEXPLORE.EXE

Remote address:

104.20.19.71:80

Request

GET /js15.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s10.histats.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:50 GMT
Content-Type: text/javascript
Content-Length: 4405
Connection: keep-alive
Content-Encoding: gzip
ETag: "980881274"
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
Vary: Accept-Encoding
Cache-Control: max-age=28800
CF-Cache-Status: HIT
Age: 79467
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 883c88560f1b93ee-LHR
DNS

s4.histats.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

s4.histats.com

IN A

Response

s4.histats.com

IN A

149.56.240.27

s4.histats.com

IN A

149.56.240.128

s4.histats.com

IN A

149.56.240.127

s4.histats.com

IN A

142.4.219.198

s4.histats.com

IN A

54.39.128.117

s4.histats.com

IN A

54.39.128.162

s4.histats.com

IN A

149.56.240.130

s4.histats.com

IN A

149.56.240.31

s4.histats.com

IN A

149.56.240.129

s4.histats.com

IN A

149.56.240.132

s4.histats.com

IN A

149.56.240.131

s4.histats.com

IN A

54.39.156.32

s4.histats.com

IN A

158.69.254.144
GET

https://s4.histats.com/stats/497196.php?497196&@f16&@g1&@h1&@i1&@j1715706948080&@k0&@l1&@mGossip%20Artis%20Malaysia%20%7C%20Gambar%20Artis%20Malaysia%20%7C%20Berita%20Artis%3A%20Politik&@n0&@o1000&@q0&@r0&@s140&@ten-US&@u1280&@b1:72355179&@b3:1715706948&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C424b11128d4dba8534761d34dbad6c11_JaffaCakes118.html&@w

IEXPLORE.EXE

Remote address:

149.56.240.27:443

Request

GET /stats/497196.php?497196&@f16&@g1&@h1&@i1&@j1715706948080&@k0&@l1&@mGossip%20Artis%20Malaysia%20%7C%20Gambar%20Artis%20Malaysia%20%7C%20Berita%20Artis%3A%20Politik&@n0&@o1000&@q0&@r0&@s140&@ten-US&@u1280&@b1:72355179&@b3:1715706948&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C424b11128d4dba8534761d34dbad6c11_JaffaCakes118.html&@w HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s4.histats.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:51 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 397
Connection: close
GET

https://s10.histats.com/counters/cc_140.js

IEXPLORE.EXE

Remote address:

104.20.19.71:443

Request

GET /counters/cc_140.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s10.histats.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:15:52 GMT
Content-Type: text/javascript
Content-Length: 5917
Connection: keep-alive
Content-Encoding: gzip
ETag: "-985278463"
Last-Modified: Thu, 16 Apr 2020 10:44:54 GMT
Vary: Accept-Encoding
Cache-Control: max-age=28800
CF-Cache-Status: HIT
Age: 23418
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 883c886289f593ea-LHR
DNS

apps.identrust.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

2.18.190.81

a1952.dscq.akamai.net

IN A

2.18.190.80
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

IEXPLORE.EXE

Remote address:

2.18.190.81:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 18:15:51 GMT
Date: Tue, 14 May 2024 17:15:51 GMT
Connection: keep-alive
DNS

x2.c.lencr.org

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

x2.c.lencr.org

IN A

Response

x2.c.lencr.org

IN CNAME

crl.root-x1.letsencrypt.org.edgekey.net

crl.root-x1.letsencrypt.org.edgekey.net

IN CNAME

e8652.dscx.akamaiedge.net

e8652.dscx.akamaiedge.net

IN A

23.55.97.11
GET

http://x2.c.lencr.org/

IEXPLORE.EXE

Remote address:

23.55.97.11:80

Request

GET / HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: x2.c.lencr.org

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/pkix-crl
Last-Modified: Mon, 12 Feb 2024 22:07:27 GMT
ETag: "65ca969f-12b"
Cache-Control: max-age=3600
Expires: Tue, 14 May 2024 18:15:52 GMT
Date: Tue, 14 May 2024 17:15:52 GMT
Content-Length: 299
Connection: keep-alive
GET

https://s4.histats.com/stats/e.php?497196&@Ab&@R93233&@w

IEXPLORE.EXE

Remote address:

149.56.240.27:443

Request

GET /stats/e.php?497196&@Ab&@R93233&@w HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s4.histats.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Date: Tue, 14 May 2024 17:16:35 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 397
Connection: close
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.21.17.194

142.250.201.169:443

https://www.blogger.com/static/v1/widgets/1590551230-widget_css_bundle.css

tls, http

IEXPLORE.EXE

1.2kB
12.3kB
14
15

HTTP Request

GET https://www.blogger.com/static/v1/widgets/1590551230-widget_css_bundle.css

HTTP Response

200
172.217.20.202:80

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

http

IEXPLORE.EXE

1.2kB
35.7kB
20
29

HTTP Request

GET http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

HTTP Response

200
13.248.169.48:80

yourjavascript.com

IEXPLORE.EXE

242 B
132 B
5
3
142.250.201.169:443

https://www.blogger.com/navbar.g?targetBlogID=8818583053934446931&blogName=Gossip+Artis+Malaysia+%7C+Gambar+Artis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://izyan.com/search&blogLocale=ms&v=2&homepageUrl=http://izyan.com/&vt=5793014963771758051&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

tls, http

IEXPLORE.EXE

2.1kB
10.2kB
16
18

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8818583053934446931&zx=a8dddf72-e969-4809-8de4-c063231fa3c9

HTTP Response

200

HTTP Request

GET https://www.blogger.com/navbar.g?targetBlogID=8818583053934446931&blogName=Gossip+Artis+Malaysia+%7C+Gambar+Artis+...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=http://izyan.com/search&blogLocale=ms&v=2&homepageUrl=http://izyan.com/&vt=5793014963771758051&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__

HTTP Response

200
13.248.169.48:80

http://yourjavascript.com/24211643151/jquery.easing.js

http

IEXPLORE.EXE

553 B
471 B
6
5

HTTP Request

GET http://yourjavascript.com/24211643151/jquery.easing.js

HTTP Response

200
172.217.20.202:80

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

http

IEXPLORE.EXE

2.1kB
89.5kB
39
67

HTTP Request

GET http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

HTTP Response

200
172.217.20.179:80

http://udsmuslim.googlepages.com/Stript-ad.js

http

IEXPLORE.EXE

550 B
1.2kB
6
5

HTTP Request

GET http://udsmuslim.googlepages.com/Stript-ad.js

HTTP Response

301
172.217.20.179:80

udsmuslim.googlepages.com

IEXPLORE.EXE

190 B
92 B
4
2
142.250.178.138:80

http://fonts.googleapis.com/css?family=Oswald

http

IEXPLORE.EXE

524 B
892 B
6
5

HTTP Request

GET http://fonts.googleapis.com/css?family=Oswald

HTTP Response

200
142.250.178.138:80

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

http

IEXPLORE.EXE

532 B
892 B
6
5

HTTP Request

GET http://fonts.googleapis.com/css?family=PT+Sans+Narrow

HTTP Response

200
142.250.179.97:80

http://3.bp.blogspot.com/-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s1600/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg

http

IEXPLORE.EXE

1.1kB
24.0kB
15
21

HTTP Request

GET http://3.bp.blogspot.com/-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s1600/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg

HTTP Response

200
142.250.179.97:80

http://3.bp.blogspot.com/-tB6mTlD6HZo/URjVT15FQrI/AAAAAAAAcFw/XI7HTQO5lgY/s1600/izyancom1112.png

http

IEXPLORE.EXE

1.1kB
24.7kB
16
21

HTTP Request

GET http://3.bp.blogspot.com/-tB6mTlD6HZo/URjVT15FQrI/AAAAAAAAcFw/XI7HTQO5lgY/s1600/izyancom1112.png

HTTP Response

200
142.250.179.97:80

http://3.bp.blogspot.com/-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s300-c/540192_510253632380600_774544254_n.jpg

http

IEXPLORE.EXE

3.7kB
85.0kB
47
69

HTTP Request

GET http://3.bp.blogspot.com/-jqp4fWe0rwo/VURiDvHQCVI/AAAAAAAAPis/YuBz9UUApH0/s1600/Siti%2BNurhaliza%2BSokong%2BTun%2BM.jpg

HTTP Response

403

HTTP Request

GET http://3.bp.blogspot.com/-Mdd51Ci5CCo/Ub-MF9H5RNI/AAAAAAAAhXY/AK_WSoBmtz8/s1600/BM4glc0CMAQI2Bm.jpg+large.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-jqp4fWe0rwo/VURiDvHQCVI/AAAAAAAAPis/YuBz9UUApH0/s300-c/Siti%2BNurhaliza%2BSokong%2BTun%2BM.jpg

HTTP Response

403

HTTP Request

GET http://3.bp.blogspot.com/-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s300-c/540192_510253632380600_774544254_n.jpg

HTTP Response

200
142.250.179.97:80

http://3.bp.blogspot.com/-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s300-c/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg

http

IEXPLORE.EXE

2.7kB
97.9kB
43
75

HTTP Request

GET http://3.bp.blogspot.com/-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s1600/abby-abadi-masuk-pas.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-WrASsxhJRNo/Ve0aRTzK7BI/AAAAAAAAaGc/SivmgkcEypE/s300-c/Karyawan%2BBeri%2BPeringatan%2BKepada%2BSoo%2BWincci.jpg

HTTP Response

200
142.250.179.97:80

http://3.bp.blogspot.com/-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s300-c/abby-abadi-masuk-pas.jpg

http

IEXPLORE.EXE

6.2kB
176.4kB
101
131

HTTP Request

GET http://3.bp.blogspot.com/-jTw11lj4Q9o/UilVx4xjwGI/AAAAAAAAkNY/Y7aJ_9VGgFI/s1600/abby2.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-AjMhuSpVpwU/UmSYzIpaoOI/AAAAAAAAljk/OIOvG8-m5p4/s300-c/abby-abadi-masuk-pas.jpg

HTTP Response

200
142.250.179.97:80

http://3.bp.blogspot.com/-zKnfvx3p4tw/T17EsygOsMI/AAAAAAAAALg/WHYxobQI9no/s1600/fb+sepia.png

http

IEXPLORE.EXE

3.3kB
109.0kB
50
84

HTTP Request

GET http://3.bp.blogspot.com/-HLaIQ8gGYPk/UexLO_O2SlI/AAAAAAAAie4/2_zM47_Crd8/s1600/540192_510253632380600_774544254_n.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-Mdd51Ci5CCo/Ub-MF9H5RNI/AAAAAAAAhXY/AK_WSoBmtz8/s300-c/BM4glc0CMAQI2Bm.jpg+large.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-zKnfvx3p4tw/T17EsygOsMI/AAAAAAAAALg/WHYxobQI9no/s1600/fb+sepia.png

HTTP Response

200
142.250.201.169:443

https://www.blogger.com/static/v1/widgets/3107131574-widgets.js

tls, http

IEXPLORE.EXE

1.8kB
46.6kB
27
39

HTTP Request

GET https://www.blogger.com/static/v1/widgets/3107131574-widgets.js

HTTP Response

200
23.212.201.53:80

http://cdn.innity.net/admanager.js

http

IEXPLORE.EXE

579 B
4.9kB
7
7

HTTP Request

GET http://cdn.innity.net/admanager.js

HTTP Response

200
23.212.201.53:80

http://cdn.innity.net/network.js

http

IEXPLORE.EXE

577 B
3.9kB
7
6

HTTP Request

GET http://cdn.innity.net/network.js

HTTP Response

200
142.250.201.169:443

img1.blogblog.com

tls

IEXPLORE.EXE

754 B
4.8kB
10
9
142.250.201.169:443

https://img1.blogblog.com/img/icon18_wrench_allbkg.png

tls, http

IEXPLORE.EXE

1.1kB
5.9kB
11
9

HTTP Request

GET https://img1.blogblog.com/img/icon18_wrench_allbkg.png

HTTP Response

200
142.250.178.132:80

http://www.google.com/cse/brand?form=cse-search-box&lang=en

http

IEXPLORE.EXE

558 B
748 B
6
4

HTTP Request

GET http://www.google.com/cse/brand?form=cse-search-box&lang=en

HTTP Response

301
142.250.178.132:80

www.google.com

IEXPLORE.EXE

190 B
92 B
4
2
142.250.179.97:443

https://2.bp.blogspot.com/-xyTNgg2aMm0/VxlTt-h1PlI/AAAAAAABLv8/gQEi0Fc6be4JCldc6EF-C6R5W1nw3gOngCLcB/w72-h72-p-nu/ddd.jpg

tls, http

IEXPLORE.EXE

1.8kB
17.1kB
17
20

HTTP Request

GET https://2.bp.blogspot.com/-2CHmtk5rT88/VDgPHt8IfkI/AAAAAAAAfVw/e_phRPo8O7Q/w72-h72-p-nu/Mazuin_Hamzah.jpg

HTTP Response

200

HTTP Request

GET https://2.bp.blogspot.com/-xyTNgg2aMm0/VxlTt-h1PlI/AAAAAAABLv8/gQEi0Fc6be4JCldc6EF-C6R5W1nw3gOngCLcB/w72-h72-p-nu/ddd.jpg

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-R5qR9RpyfXM/UPVa763hx6I/AAAAAAAAAY8/270QL3QZCRk/s1600/pasang-banner125-2.jpg

http

IEXPLORE.EXE

1.8kB
45.8kB
24
38

HTTP Request

GET http://2.bp.blogspot.com/-OnJuyeT4OQQ/VRHVZ0uqrSI/AAAAAAAA5kY/lUGDtfPVmT4/s1600/julia%2B2015.jpg

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-R5qR9RpyfXM/UPVa763hx6I/AAAAAAAAAY8/270QL3QZCRk/s1600/pasang-banner125-2.jpg

HTTP Response

200
142.250.179.97:443

https://2.bp.blogspot.com/-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s1600/110.jpg

tls, http

IEXPLORE.EXE

3.0kB
76.5kB
48
61

HTTP Request

GET https://2.bp.blogspot.com/-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s1600/110.jpg

HTTP Response

200
142.250.179.97:80

http://1.bp.blogspot.com/--pUd3fL8Z54/U6j2LM3n19I/AAAAAAAAuo0/--ORb_wBZQc/s1600/083829sl66gg26v633484a.jpg.thumb_-421x750.jpg

http

IEXPLORE.EXE

2.5kB
109.8kB
47
82

HTTP Request

GET http://1.bp.blogspot.com/--pUd3fL8Z54/U6j2LM3n19I/AAAAAAAAuo0/--ORb_wBZQc/s1600/083829sl66gg26v633484a.jpg.thumb_-421x750.jpg

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s1600/10351886_10152268730944998_483730337496102856_n.jpg

http

IEXPLORE.EXE

2.6kB
105.0kB
48
80

HTTP Request

GET http://2.bp.blogspot.com/-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s1600/10351886_10152268730944998_483730337496102856_n.jpg

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s1600/1525476_672706896113537_1649771195_n.jpg

http

IEXPLORE.EXE

636 B
2.2kB
6
6

HTTP Request

GET http://2.bp.blogspot.com/-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s1600/1525476_672706896113537_1649771195_n.jpg

HTTP Response

500
142.250.179.97:80

http://1.bp.blogspot.com/-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s300-c/1.jpg

http

IEXPLORE.EXE

3.4kB
115.0kB
58
88

HTTP Request

GET http://1.bp.blogspot.com/-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s1600/1.jpg

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-tsJB9KgMMig/Vf4i8OycSzI/AAAAAAABDNo/gz91PIrce8k/s300-c/1.jpg

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s1600/Hairie.jpg

http

IEXPLORE.EXE

1.8kB
50.6kB
24
41

HTTP Request

GET http://2.bp.blogspot.com/-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s640/abby+abadi+001.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s1600/Hairie.jpg

HTTP Response

200
142.250.179.97:80

http://1.bp.blogspot.com/-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s1600/Dayangku_Intan.jpg

http

IEXPLORE.EXE

1.6kB
33.1kB
25
27

HTTP Request

GET http://1.bp.blogspot.com/-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s1600/Dayangku_Intan.jpg

HTTP Response

200
142.250.179.97:80

http://1.bp.blogspot.com/-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s1600/Zed+Zaidi.jpg

http

IEXPLORE.EXE

2.4kB
61.1kB
41
47

HTTP Request

GET http://1.bp.blogspot.com/-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s1600/Zed+Zaidi.jpg

HTTP Response

200
142.250.179.97:80

http://1.bp.blogspot.com/-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s1600/1234483_675369299154585_1095120428_n.jpg

http

IEXPLORE.EXE

1.6kB
34.2kB
24
28

HTTP Request

GET http://1.bp.blogspot.com/-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s1600/1234483_675369299154585_1095120428_n.jpg

HTTP Response

200
142.250.179.97:80

http://1.bp.blogspot.com/-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s1600/abby1.jpg

http

IEXPLORE.EXE

1.9kB
73.8kB
35
56

HTTP Request

GET http://1.bp.blogspot.com/-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s1600/abby1.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s1600/unnamedUMNO-5.jpg

http

IEXPLORE.EXE

3.2kB
102.9kB
57
77

HTTP Request

GET http://4.bp.blogspot.com/-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s1600/unnamedUMNO-5.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s1600/kazim%2Belias.png

http

IEXPLORE.EXE

1.2kB
35.9kB
19
29

HTTP Request

GET http://4.bp.blogspot.com/-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s1600/kazim%2Belias.png

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-zlj_y28jSdM/UVWWghuhwbI/AAAAAAAAevo/Ydgmq2NCngo/s1600/image.php.png

http

IEXPLORE.EXE

609 B
2.0kB
6
5

HTTP Request

GET http://4.bp.blogspot.com/-zlj_y28jSdM/UVWWghuhwbI/AAAAAAAAevo/Ydgmq2NCngo/s1600/image.php.png

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-ouMM0EJCH_I/UilVxvJMfQI/AAAAAAAAkNM/Iha4GdCDGA8/s1600/abby3.jpg

http

IEXPLORE.EXE

3.9kB
122.3kB
67
91

HTTP Request

GET http://4.bp.blogspot.com/-ouMM0EJCH_I/UilVxvJMfQI/AAAAAAAAkNM/Iha4GdCDGA8/s1600/abby3.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s300-c/amydddza21.jpg

http

IEXPLORE.EXE

5.1kB
159.3kB
90
120

HTTP Request

GET http://4.bp.blogspot.com/-MBsaYgp12PE/UjJix4AUViI/AAAAAAAAkZE/Sg07I7A9p8M/s1600/zed+umno.jpg

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s300-c/amydddza21.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-Bt0JYGRHfpk/T7ZpN5RNSQI/AAAAAAAAGJQ/zQtrWVZwgHA/s1600/bullet.png

http

IEXPLORE.EXE

5.5kB
161.9kB
92
123

HTTP Request

GET http://4.bp.blogspot.com/--cmpJlJuV9g/U0YWxD-DvTI/AAAAAAAAr-s/ddevBLbw-PA/s1600/amydddza21.jpg

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-C5J_n6TDEXo/VCyQXEWepWI/AAAAAAAAy2w/t5sLVLR9CPk/s300-c/kazim%2Belias.png

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-Bt0JYGRHfpk/T7ZpN5RNSQI/AAAAAAAAGJQ/zQtrWVZwgHA/s1600/bullet.png

HTTP Response

200
142.250.75.238:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

tls, http

IEXPLORE.EXE

7.6kB
161.1kB
93
125

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/js/platform:gapi.iframes.style.common.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

HTTP Response

200
142.250.75.238:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

tls, http

IEXPLORE.EXE

1.9kB
21.8kB
23
22

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

HTTP Response

200
104.22.74.171:80

http://widgets.amung.us/tab.js

http

IEXPLORE.EXE

897 B
20.4kB
14
19

HTTP Request

GET http://widgets.amung.us/tab.js

HTTP Response

200
104.22.74.171:80

widgets.amung.us

IEXPLORE.EXE

466 B
92 B
10
2
142.250.178.142:80

http://feeds.feedburner.com/izyan/axLL?format=sigpro

http

IEXPLORE.EXE

649 B
1.8kB
8
7

HTTP Request

GET http://feeds.feedburner.com/izyan/axLL?format=sigpro

HTTP Response

200
142.250.178.142:80

http://feeds.feedburner.com/GossipArtisMalaysia?format=sigpro

http

IEXPLORE.EXE

658 B
1.8kB
8
7

HTTP Request

GET http://feeds.feedburner.com/GossipArtisMalaysia?format=sigpro

HTTP Response

200
172.217.218.82:80

u-sup.googlecode.com

IEXPLORE.EXE

190 B
92 B
4
2
172.217.218.82:80

http://u-sup.googlecode.com/files/page_num.js

http

IEXPLORE.EXE

590 B
1.9kB
7
5

HTTP Request

GET http://u-sup.googlecode.com/files/page_num.js

HTTP Response

404
142.250.179.110:80

http://sites.google.com/site/udsmuslim/Stript-ad.js

http

IEXPLORE.EXE

550 B
874 B
6
5

HTTP Request

GET http://sites.google.com/site/udsmuslim/Stript-ad.js

HTTP Response

302
142.250.179.110:80

sites.google.com

IEXPLORE.EXE

190 B
92 B
4
2
142.250.179.110:443

https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fudsmuslim%2FStript-ad.js

tls, http

IEXPLORE.EXE

1.7kB
10.2kB
16
19

HTTP Request

GET https://sites.google.com/site/udsmuslim/Stript-ad.js

HTTP Response

302

HTTP Request

GET https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path=%2Fudsmuslim%2FStript-ad.js

HTTP Response

302
142.250.179.97:443

https://1.bp.blogspot.com/-bdkgj9F28s4/Vw1_ipFkuXI/AAAAAAABLb4/trKBA45UB9cojLc9ZNqbwPmuc4O4Ree0gCLcB/s1600/Banner-Dolla-Cantik.jpg

tls, http

IEXPLORE.EXE

2.2kB
73.3kB
34
58

HTTP Request

GET https://1.bp.blogspot.com/-bdkgj9F28s4/Vw1_ipFkuXI/AAAAAAABLb4/trKBA45UB9cojLc9ZNqbwPmuc4O4Ree0gCLcB/s1600/Banner-Dolla-Cantik.jpg

HTTP Response

200
142.250.179.97:443

https://3.bp.blogspot.com/-bCR4Kik5s2Y/VyFDRmU2LNI/AAAAAAABL90/O1mJmj_iJ88ullMabsvXjPlg6XBqXuZPwCLcB/w72-h72-p-nu/1.jpg

tls, http

IEXPLORE.EXE

1.2kB
10.5kB
12
13

HTTP Request

GET https://3.bp.blogspot.com/-bCR4Kik5s2Y/VyFDRmU2LNI/AAAAAAABL90/O1mJmj_iJ88ullMabsvXjPlg6XBqXuZPwCLcB/w72-h72-p-nu/1.jpg

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-VV_rreaByTA/VyFAzeytE3I/AAAAAAABL9o/nqjOxYWLHNoHdbG0yLLQhxYks_GYFtcngCLcB/w72-h72-p-nu/%2528PNG%2BImage%252C%2B854%25C2%25A0%25C3%2597%25C2%25A0476%2Bpixels.jpg

tls, http

IEXPLORE.EXE

1.3kB
11.4kB
13
15

HTTP Request

GET https://1.bp.blogspot.com/-VV_rreaByTA/VyFAzeytE3I/AAAAAAABL9o/nqjOxYWLHNoHdbG0yLLQhxYks_GYFtcngCLcB/w72-h72-p-nu/%2528PNG%2BImage%252C%2B854%25C2%25A0%25C3%2597%25C2%25A0476%2Bpixels.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s300-c/unnamedUMNO-5.jpg

http

IEXPLORE.EXE

3.0kB
118.8kB
51
89

HTTP Request

GET http://4.bp.blogspot.com/-kL_hdyQTZ3A/Ub-MI3LG-sI/AAAAAAAAhXg/mPiKL4n-FLA/s1600/Snap2.jpg

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-gjw_ufkXwUE/VHlGc7bmxsI/AAAAAAAA1cY/ujYXcPsOqI0/s300-c/unnamedUMNO-5.jpg

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-lxBrhYmFa4c/VygW80bf50I/AAAAAAABMDo/fXlZUF0JvEECLblagqlYt3857EmctLfewCLcB/w72-h72-p-nu/1111.jpg

tls, http

IEXPLORE.EXE

1.3kB
12.5kB
13
15

HTTP Request

GET https://1.bp.blogspot.com/-lxBrhYmFa4c/VygW80bf50I/AAAAAAABMDo/fXlZUF0JvEECLblagqlYt3857EmctLfewCLcB/w72-h72-p-nu/1111.jpg

HTTP Response

200
142.250.179.97:443

https://4.bp.blogspot.com/-2a8ajEFBlOM/Vz3FysfC0YI/AAAAAAABMtI/W4R9z4eF1Sc4n95tikFlQa5sMjZeYxr5QCLcB/s1600/980x40_euro.gif

tls, http

IEXPLORE.EXE

3.2kB
132.6kB
56
101

HTTP Request

GET https://4.bp.blogspot.com/-2a8ajEFBlOM/Vz3FysfC0YI/AAAAAAABMtI/W4R9z4eF1Sc4n95tikFlQa5sMjZeYxr5QCLcB/s1600/980x40_euro.gif

HTTP Response

200
142.250.179.97:443

https://3.bp.blogspot.com/-JJFGPfkthEA/VzpJ_3C3THI/AAAAAAABMng/1NjoZLKDpyAVPY_evkVfPOfysXCpOn6OACLcB/s72-c/neelofa%2B1.jpg

tls, http

IEXPLORE.EXE

1.3kB
11.8kB
13
15

HTTP Request

GET https://3.bp.blogspot.com/-JJFGPfkthEA/VzpJ_3C3THI/AAAAAAABMng/1NjoZLKDpyAVPY_evkVfPOfysXCpOn6OACLcB/s72-c/neelofa%2B1.jpg

HTTP Response

200
142.250.179.97:443

https://4.bp.blogspot.com/-r7i7zuTSwok/VyqBKHhdNkI/AAAAAAABMG8/Jrp-t-8sF1kzvXKMKnYkCRZvsqvt0rfVwCLcB/w72-h72-p-nu/qwq.jpg

tls, http

IEXPLORE.EXE

1.3kB
12.5kB
13
15

HTTP Request

GET https://4.bp.blogspot.com/-r7i7zuTSwok/VyqBKHhdNkI/AAAAAAABMG8/Jrp-t-8sF1kzvXKMKnYkCRZvsqvt0rfVwCLcB/w72-h72-p-nu/qwq.jpg

HTTP Response

200
142.250.179.97:443

https://1.bp.blogspot.com/-72HTnzIJkKU/VzJfnx8wZnI/AAAAAAABMb4/MgSURnmodMMnPczwA07gExmswWa2-Q5aACLcB/w72-h72-p-nu/1.jpg

tls, http

IEXPLORE.EXE

1.2kB
12.0kB
12
15

HTTP Request

GET https://1.bp.blogspot.com/-72HTnzIJkKU/VzJfnx8wZnI/AAAAAAABMb4/MgSURnmodMMnPczwA07gExmswWa2-Q5aACLcB/w72-h72-p-nu/1.jpg

HTTP Response

200
142.250.179.97:443

https://4.bp.blogspot.com/-QzcO8-VceyY/Vyp6uoVS8yI/AAAAAAABMGU/NUHEq8V70cQp8q7CxdJNYckHiEn4ghNFgCLcB/w72-h72-p-nu/1.jpg

tls, http

IEXPLORE.EXE

1.2kB
10.9kB
12
14

HTTP Request

GET https://4.bp.blogspot.com/-QzcO8-VceyY/Vyp6uoVS8yI/AAAAAAABMGU/NUHEq8V70cQp8q7CxdJNYckHiEn4ghNFgCLcB/w72-h72-p-nu/1.jpg

HTTP Response

200
142.250.179.97:443

2.bp.blogspot.com

tls

IEXPLORE.EXE

573 B
355 B
7
5
142.250.179.97:443

https://1.bp.blogspot.com/-Rag4i6XK2cQ/VzUU30ZIMTI/AAAAAAABMgA/Q31LWoiD8ToBLunUy_kQPPSJ8qF4V3PygCLcB/s72-c/4.jpg

tls, http

IEXPLORE.EXE

1.2kB
10.3kB
12
14

HTTP Request

GET https://1.bp.blogspot.com/-Rag4i6XK2cQ/VzUU30ZIMTI/AAAAAAABMgA/Q31LWoiD8ToBLunUy_kQPPSJ8qF4V3PygCLcB/s72-c/4.jpg

HTTP Response

200
142.250.179.97:443

https://2.bp.blogspot.com/-Bif-NI8p6Nw/Vzf9n36e7tI/AAAAAAABMjI/cCp3Tzx-i8o8jol_I3GMZr1MMra-8G9KgCLcB/s72-c/11.jpg

tls, http

IEXPLORE.EXE

1.0kB
5.0kB
9
10

HTTP Request

GET https://2.bp.blogspot.com/-Bif-NI8p6Nw/Vzf9n36e7tI/AAAAAAABMjI/cCp3Tzx-i8o8jol_I3GMZr1MMra-8G9KgCLcB/s72-c/11.jpg

HTTP Response

200
142.250.179.97:443

https://2.bp.blogspot.com/-kzmcoeFR6K0/VzkMFoG6ILI/AAAAAAABMkE/o4Tfpf0QPtE8JorN5IHCkezvXghRKfhFwCLcB/s72-c/GAMBAR-NIKAH-HAFIDZ-ROSHDI-DAN-NURUL-SHUHADA-3.jpg

tls, http

IEXPLORE.EXE

1.1kB
5.2kB
9
10

HTTP Request

GET https://2.bp.blogspot.com/-kzmcoeFR6K0/VzkMFoG6ILI/AAAAAAABMkE/o4Tfpf0QPtE8JorN5IHCkezvXghRKfhFwCLcB/s72-c/GAMBAR-NIKAH-HAFIDZ-ROSHDI-DAN-NURUL-SHUHADA-3.jpg

HTTP Response

200
173.194.69.84:443

https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&ifkv=AaSxoQxoTjzsg0Gyv-gr3m_T6vBQS8A-KvXKTSXMgEFuQruwlVSN665DmZKWfpxMpXzh-CZ5jefUAQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1458902549%3A1715706943717717&ddm=0

tls, http

IEXPLORE.EXE

5.1kB
130.0kB
60
105

HTTP Request

GET https://accounts.google.com/ServiceLogin?service=jotspot&passive=1209600&continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js

HTTP Response

302

HTTP Request

GET https://accounts.google.com/InteractiveLogin?continue=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&followup=https://sites.google.com/site/sites/system/errors/WebspaceNotFound?path%3D/udsmuslim/Stript-ad.js&passive=1209600&service=jotspot&ifkv=AaSxoQwv5mEM8R7LJv84emQqoBx5zFRBKWN6LpyHV3bHSSEOfbTuLq2_dcLsoIA_ajBeBqL3C-IhsQ

HTTP Response

302

HTTP Request

GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&followup=https%3A%2F%2Fsites.google.com%2Fsite%2Fsites%2Fsystem%2Ferrors%2FWebspaceNotFound%3Fpath%3D%2Fudsmuslim%2FStript-ad.js&ifkv=AaSxoQxoTjzsg0Gyv-gr3m_T6vBQS8A-KvXKTSXMgEFuQruwlVSN665DmZKWfpxMpXzh-CZ5jefUAQ&passive=1209600&service=jotspot&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1458902549%3A1715706943717717&ddm=0

HTTP Response

200
173.194.69.84:443

accounts.google.com

tls

IEXPLORE.EXE

710 B
4.8kB
9
9
142.250.179.97:443

https://2.bp.blogspot.com/-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s300-c/110.jpg

tls, http

IEXPLORE.EXE

2.0kB
35.3kB
22
34

HTTP Request

GET https://2.bp.blogspot.com/-XM_iw41C-Os/Vzf8MKoEdYI/AAAAAAABMi4/siD_wd81d_UI9tEnguVaxKZXIVt2Ib3pACLcB/s72-c/111.jpg

HTTP Response

200

HTTP Request

GET https://2.bp.blogspot.com/-rDPwkhvdPlw/VudBhhzodCI/AAAAAAABKb0/oOpM98MROwIhXnIvDJ9CMiTZ5fcH4D_OA/s300-c/110.jpg

HTTP Response

200
142.250.179.97:443

https://2.bp.blogspot.com/-SpU_LgPopnw/VzungTvaCoI/AAAAAAABMoA/uE2tr5Wy50k_uQEtXu9BdbHKIyL1pct9gCLcB/s72-c/Fasha.jpg

tls, http

IEXPLORE.EXE

1.2kB
14.1kB
13
15

HTTP Request

GET https://2.bp.blogspot.com/-SpU_LgPopnw/VzungTvaCoI/AAAAAAABMoA/uE2tr5Wy50k_uQEtXu9BdbHKIyL1pct9gCLcB/s72-c/Fasha.jpg

HTTP Response

200
172.217.20.163:80

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

http

IEXPLORE.EXE

841 B
16.9kB
12
15

HTTP Request

GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

HTTP Response

200
172.217.20.163:80

fonts.gstatic.com

IEXPLORE.EXE

190 B
132 B
4
3
149.129.240.178:80

http://as.innity.com/synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

http

IEXPLORE.EXE

1.9kB
1.4kB
8
6

HTTP Request

GET http://as.innity.com/synd/?cb=1715706942192&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54487&output=js&flash=0&width=728&height=90&vpw=1280&vph=609&auction=107e94a8-a5509fbc

HTTP Response

200

HTTP Request

GET http://as.innity.com/synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D
149.129.240.178:80

http://as.innity.com/synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

http

IEXPLORE.EXE

2.6kB
2.1kB
9
7

HTTP Request

GET http://as.innity.com/synd/?cb=1715706943245&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54490&output=js&flash=0&width=*&height=*&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

HTTP Response

200

HTTP Request

GET http://as.innity.com/synd/?cb=1715706944818&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54531&output=js&flash=0&width=300&height=250&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

HTTP Response

200

HTTP Request

GET http://as.innity.com/synd/?cb=1715706945350&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54489&output=js&flash=0&width=468&height=60&cat=ENTERTAINMENT,MALAY&vpw=1280&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

HTTP Response

200

HTTP Request

GET http://as.innity.com/synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D
142.250.178.132:443

https://www.google.com/cse/static/images/1x/en/branding.png

tls, http

IEXPLORE.EXE

1.1kB
7.1kB
10
10

HTTP Request

GET https://www.google.com/cse/static/images/1x/en/branding.png

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s300-c/Hairie.jpg

http

IEXPLORE.EXE

3.2kB
61.9kB
45
52

HTTP Request

GET http://2.bp.blogspot.com/-lZNK3ZWqsIM/UQKrZgj0PXI/AAAAAAAABRY/emAG0Cevy6E/s1600/arrow_white.gif

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-OnJuyeT4OQQ/VRHVZ0uqrSI/AAAAAAAA5kY/lUGDtfPVmT4/s300-c/julia%2B2015.jpg

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-gANdR6Mpdbo/UnFStjVcjHI/AAAAAAAAmAo/tnf-va7PeVo/s300-c/Hairie.jpg

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-4OlzmZgWEAE/T2wsT570TSI/AAAAAAAAAGw/GMbts8E_5dw/s1600/bg-home.png

http

IEXPLORE.EXE

2.0kB
40.5kB
22
34

HTTP Request

GET http://2.bp.blogspot.com/-LExXJr8oYfg/U6m_WSa2dOI/AAAAAAAAuqg/QKWckQPfAPc/s300-c/10351886_10152268730944998_483730337496102856_n.jpg

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-4OlzmZgWEAE/T2wsT570TSI/AAAAAAAAAGw/GMbts8E_5dw/s1600/bg-home.png

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s300-c/1525476_672706896113537_1649771195_n.jpg

http

IEXPLORE.EXE

637 B
2.1kB
6
5

HTTP Request

GET http://2.bp.blogspot.com/-kPNRyGkIhMY/UsTW8TU7DvI/AAAAAAAAoNQ/Us7GPW3d2GY/s300-c/1525476_672706896113537_1649771195_n.jpg

HTTP Response

500
142.250.179.97:80

http://1.bp.blogspot.com/-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s300-c/Dayangku_Intan.jpg

http

IEXPLORE.EXE

1.1kB
29.8kB
17
25

HTTP Request

GET http://1.bp.blogspot.com/-kE1itwDmmIw/UrE1dr-Tl1I/AAAAAAAAnpk/BSCY2nU-Nwk/s300-c/Dayangku_Intan.jpg

HTTP Response

200
142.250.179.97:80

http://2.bp.blogspot.com/-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s300-c/abby+abadi+001.jpg

http

IEXPLORE.EXE

667 B
2.5kB
7
5

HTTP Request

GET http://2.bp.blogspot.com/-ZN8WQSi0sAM/UrbFF_eKa1I/AAAAAAAAqOQ/DpPBW85UruA/s300-c/abby+abadi+001.jpg

HTTP Response

404
163.70.151.35:80

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

http

IEXPLORE.EXE

2.1kB
1.8kB
8
7

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301
163.70.151.35:80

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

http

IEXPLORE.EXE

1.6kB
1.4kB
7
6

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301
163.70.151.35:80

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

http

IEXPLORE.EXE

1.6kB
1.4kB
7
6

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301
163.70.151.35:80

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

http

IEXPLORE.EXE

2.1kB
1.8kB
8
7

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301
163.70.151.35:80

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

http

IEXPLORE.EXE

1.6kB
1.4kB
7
6

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301
163.70.151.35:80

http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

http

IEXPLORE.EXE

1.6kB
1.4kB
7
6

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

301
142.250.179.97:80

http://1.bp.blogspot.com/-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s300-c/Zed+Zaidi.jpg

http

IEXPLORE.EXE

1.1kB
30.2kB
17
25

HTTP Request

GET http://1.bp.blogspot.com/-mUYyJPYWJgI/Um70LBHcG9I/AAAAAAAAl9o/YmVUUnR_vjU/s300-c/Zed+Zaidi.jpg

HTTP Response

200
216.58.214.78:443

www.youtube.com

tls

IEXPLORE.EXE

752 B
7.4kB
10
11
216.58.214.78:443

www.youtube.com

tls

IEXPLORE.EXE

804 B
7.4kB
11
12
142.250.179.97:80

http://1.bp.blogspot.com/-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s300-c/1234483_675369299154585_1095120428_n.jpg

http

IEXPLORE.EXE

1.2kB
33.0kB
18
27

HTTP Request

GET http://1.bp.blogspot.com/-NuWCk3p1gxg/Uk3qkgyVtOI/AAAAAAAAlIQ/vHFc05dzAEs/s300-c/1234483_675369299154585_1095120428_n.jpg

HTTP Response

200
142.250.179.97:80

http://4.bp.blogspot.com/-O3HOVJkubI8/T17FOcKcXEI/AAAAAAAAALw/zGnWePejV74/s1600/twitter.png

http

IEXPLORE.EXE

2.0kB
52.6kB
28
44

HTTP Request

GET http://4.bp.blogspot.com/-MBsaYgp12PE/UjJix4AUViI/AAAAAAAAkZE/Sg07I7A9p8M/s300-c/zed+umno.jpg

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-O3HOVJkubI8/T17FOcKcXEI/AAAAAAAAALw/zGnWePejV74/s1600/twitter.png

HTTP Response

200
142.250.179.97:80

http://1.bp.blogspot.com/-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s300-c/abby1.jpg

http

IEXPLORE.EXE

1.1kB
30.7kB
17
25

HTTP Request

GET http://1.bp.blogspot.com/-wh-qSKmqKg0/UilVxWgpd8I/AAAAAAAAkNI/vB5AgFFhgek/s300-c/abby1.jpg

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

1.9kB
10.5kB
14
15

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/hairie-othman-merajuk-enggan-berpolitik.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/abby-abadi-lagi-hentam-kerajaan-di.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

2.4kB
13.9kB
16
18

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2016/03/azwan-ali-ibaratkan-tun-mahathir-adalah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/06/wardina-salahkan-kerajaan-isu-budak-oku.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/06/faizal-tahir-kena-banned-media-prima.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

1.8kB
10.5kB
13
15

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/seniman-beri-amaran-keras-kepada-soo.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/ayah-umno-anak-pas-abby-abadi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

2.4kB
13.9kB
16
18

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/03/julia-ziegler-akui-malaysia-banyak.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/05/sebab-dato-siti-nurhaliza-sokong-tun.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/wardina-kena-sentap-oleh-razak-manap.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

2.5kB
14.5kB
18
19

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/11/abby-abadi-kecam-kenyataan-dr-mashitah.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/10/abby-seperti-kebudak-budakan-zed-zaidi.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/07/zul-ucap-tahniah-abby-suami-sibuk.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

www.facebook.com

tls

IEXPLORE.EXE

919 B
4.1kB
11
9
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

1.7kB
7.3kB
11
13

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/10/isu-minyak-naik-nasihat-ustaz-kazim.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/gambar-abby-abadi-bantah-kenaikan-harga.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

2.3kB
10.7kB
14
16

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/12/zed-zaidi-gila-dayangku-intan.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2015/09/inilah-sebab-kenapa-suami-umie-aida.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2013/09/zed-zaidi-bertanding-jawatan-dalam-umno.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
149.129.240.178:80

http://as.innity.com/synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

http

IEXPLORE.EXE

877 B
811 B
7
5

HTTP Request

GET http://as.innity.com/synd/?cb=1715706946553&ver=1&pub=5463b514e21fbd3fec3772fba142a46e&zone=54532&output=js&flash=0&width=160&height=600&cat=ENTERTAINMENT,MALAY&vpw=1263&vph=609&auction=107e94a8-a5509fbc&u=ZmlsZTovL0M6XFVzZXJzXEFkbWluXEFwcERhdGFcTG9jYWxcVGVtcFw0MjRiMTExMjhkNGRiYTg1MzQ3NjFkMzRkYmFkNmMxMV9KYWZmYUNha2VzMTE4Lmh0bWw%3D

HTTP Response

200
149.129.240.178:80

as.innity.com

http

IEXPLORE.EXE

334 B
596 B
7
4

HTTP Response

408
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

1.1kB
3.9kB
9
10

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/04/amyza-aznan-maki-hamun-pembangkang.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
163.70.151.35:443

https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

tls, http

IEXPLORE.EXE

1.1kB
3.9kB
9
10

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=http://izyan.com/2014/01/wardina-kecam-dbkl.html&layout=button_count&show_faces=false&share=true&width=80&action=like&font=arial&colorscheme=dark

HTTP Response

200
104.20.19.71:80

http://s10.histats.com/js15.js

http

IEXPLORE.EXE

575 B
5.1kB
7
7

HTTP Request

GET http://s10.histats.com/js15.js

HTTP Response

200
104.20.19.71:80

s10.histats.com

IEXPLORE.EXE

466 B
92 B
10
2
149.56.240.27:443

s4.histats.com

tls

IEXPLORE.EXE

931 B
3.2kB
9
9
149.56.240.27:443

https://s4.histats.com/stats/497196.php?497196&@f16&@g1&@h1&@i1&@j1715706948080&@k0&@l1&@mGossip%20Artis%20Malaysia%20%7C%20Gambar%20Artis%20Malaysia%20%7C%20Berita%20Artis%3A%20Politik&@n0&@o1000&@q0&@r0&@s140&@ten-US&@u1280&@b1:72355179&@b3:1715706948&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C424b11128d4dba8534761d34dbad6c11_JaffaCakes118.html&@w

tls, http

IEXPLORE.EXE

1.7kB
3.8kB
11
9

HTTP Request

GET https://s4.histats.com/stats/497196.php?497196&@f16&@g1&@h1&@i1&@j1715706948080&@k0&@l1&@mGossip%20Artis%20Malaysia%20%7C%20Gambar%20Artis%20Malaysia%20%7C%20Berita%20Artis%3A%20Politik&@n0&@o1000&@q0&@r0&@s140&@ten-US&@u1280&@b1:72355179&@b3:1715706948&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C424b11128d4dba8534761d34dbad6c11_JaffaCakes118.html&@w

HTTP Response

200
104.20.19.71:443

https://s10.histats.com/counters/cc_140.js

tls, http

IEXPLORE.EXE

1.3kB
12.0kB
15
16

HTTP Request

GET https://s10.histats.com/counters/cc_140.js

HTTP Response

200
2.18.190.81:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

IEXPLORE.EXE

421 B
1.6kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
23.55.97.11:80

http://x2.c.lencr.org/

http

IEXPLORE.EXE

448 B
1.4kB
7
5

HTTP Request

GET http://x2.c.lencr.org/

HTTP Response

200
149.56.240.27:443

https://s4.histats.com/stats/e.php?497196&@Ab&@R93233&@w

tls, http

IEXPLORE.EXE

1.3kB
3.8kB
10
9

HTTP Request

GET https://s4.histats.com/stats/e.php?497196&@Ab&@R93233&@w

HTTP Response

200
149.56.240.27:443

s4.histats.com

tls

IEXPLORE.EXE

1.0kB
3.3kB
10
10
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

779 B
7.6kB
9
11

8.8.8.8:53

www.blogger.com

dns

IEXPLORE.EXE

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.201.169
8.8.8.8:53

udsmuslim.googlepages.com

dns

IEXPLORE.EXE

71 B
118 B
1
1

DNS Request

udsmuslim.googlepages.com

DNS Response

172.217.20.179
8.8.8.8:53

ajax.googleapis.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

172.217.20.202
8.8.8.8:53

yourjavascript.com

dns

IEXPLORE.EXE

64 B
96 B
1
1

DNS Request

yourjavascript.com

DNS Response

13.248.169.48

76.223.54.146
8.8.8.8:53

3.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

cdn.innity.net

dns

IEXPLORE.EXE

60 B
146 B
1
1

DNS Request

cdn.innity.net

DNS Response

23.212.201.53
8.8.8.8:53

img1.blogblog.com

dns

IEXPLORE.EXE

63 B
110 B
1
1

DNS Request

img1.blogblog.com

DNS Response

142.250.201.169
8.8.8.8:53

www.google.com

dns

IEXPLORE.EXE

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.178.132
8.8.8.8:53

apis.google.com

dns

IEXPLORE.EXE

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.75.238
8.8.8.8:53

2.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

2.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

1.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

1.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

4.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

4.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

feeds.feedburner.com

dns

IEXPLORE.EXE

66 B
110 B
1
1

DNS Request

feeds.feedburner.com

DNS Response

142.250.178.142
8.8.8.8:53

widgets.amung.us

dns

IEXPLORE.EXE

62 B
110 B
1
1

DNS Request

widgets.amung.us

DNS Response

104.22.74.171

172.67.8.141

104.22.75.171
8.8.8.8:53

u-sup.googlecode.com

dns

IEXPLORE.EXE

66 B
127 B
1
1

DNS Request

u-sup.googlecode.com

DNS Response

172.217.218.82
8.8.8.8:53

sites.google.com

dns

IEXPLORE.EXE

62 B
78 B
1
1

DNS Request

sites.google.com

DNS Response

142.250.179.110
8.8.8.8:53

accounts.google.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

173.194.69.84
8.8.8.8:53

as.innity.com

dns

IEXPLORE.EXE

59 B
75 B
1
1

DNS Request

as.innity.com

DNS Response

149.129.240.178
8.8.8.8:53

www.facebook.com

dns

IEXPLORE.EXE

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

163.70.151.35
8.8.8.8:53

www.youtube.com

dns

IEXPLORE.EXE

61 B
255 B
1
1

DNS Request

www.youtube.com

DNS Response

216.58.214.78

142.250.75.238

216.58.214.174

172.217.20.174

172.217.20.206

142.250.179.78

142.250.179.110

142.250.178.142

142.250.201.174

172.217.18.206
8.8.8.8:53

s10.histats.com

dns

IEXPLORE.EXE

61 B
141 B
1
1

DNS Request

s10.histats.com

DNS Response

104.20.19.71

104.20.18.71
8.8.8.8:53

s4.histats.com

dns

IEXPLORE.EXE

60 B
268 B
1
1

DNS Request

s4.histats.com

DNS Response

149.56.240.27

149.56.240.128

149.56.240.127

142.4.219.198

54.39.128.117

54.39.128.162

149.56.240.130

149.56.240.31

149.56.240.129

149.56.240.132

149.56.240.131

54.39.156.32

158.69.254.144
8.8.8.8:53

apps.identrust.com

dns

IEXPLORE.EXE

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

2.18.190.81

2.18.190.80
8.8.8.8:53

x2.c.lencr.org

dns

IEXPLORE.EXE

60 B
165 B
1
1

DNS Request

x2.c.lencr.org

DNS Response

23.55.97.11
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.21.17.194

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
377b0b955dd0b0490e7beca59ae633a5

SHA1
a861cdd741b460d5fbda5452d31a5e507da50c06

SHA256
50e3cb37250fc0daf7672d7bc608ea0471916b2a31d102c5a6c48b0a086bbe7b

SHA512
3ccfdf2f239c66517b6134d51ff52481c5d9c4df22db49556b0073f0aec89c53354988ae5217272beffa6adbaffeded34b7230cbd5a0569d20be076157e61225

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\35DDEDF268117918D1D277A171D8DF7B_DB1F75E49483838D441E14A12D9769E8

Filesize
471B

MD5
ba568e78a67796309b995e3749cd979d

SHA1
4b6861c6bc7e24ef2d9a17e5900a265cd7db10c7

SHA256
91f03e5f93b9f1457ba6b484ac61c3ba81602939ba755045e0d6dc4890c5b474

SHA512
199f622b986bf7314f36eba589355e66bf61576743016729e91d65d7330703a78fce455f9e7e43d3e301ec536c68068c1b1999baf115fd2d9cc5439a2b30e7cf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
68KB

MD5
29f65ba8e88c063813cc50a4ea544e93

SHA1
05a7040d5c127e68c25d81cc51271ffb8bef3568

SHA256
1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

SHA512
e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
472B

MD5
abeac9eeb432bac05729d6980d535c32

SHA1
da7df505f581306e5e75451c0cb5752309ce0ec4

SHA256
a511905e740293d240a6e4e79d42ec63c121c5863bcefc704a8917fcfb74bc76

SHA512
488e509212fe564407969fef83d164888dd34d623aafdd93a5109ceb43a845c1a36f5bcd81c19ba37c52698d9cc3acda5cadeecf0d00014e21b58d8e825fc10a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\EDC238BFF48A31D55A97E1E93892934B_C20E0DA2D0F89FE526E1490F4A2EE5AB

Filesize
471B

MD5
47a69758d36594ccc368202e75f42491

SHA1
69895504055be47445bd27e744ffec1007667a81

SHA256
b6b7786577a43bb94d4a89cdbd5b0e16499129af986ad4938a8826072af43db8

SHA512
35a0ddeb3790660d3d907253119c0f02e6dd2e6c984b6de38cb8dc4c83777d14d23205b9ad500912de7052c609bf3460ad5d98f39a0d32968e39f15308eda609

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
2e20c69ed8ae4d66a05802d2b577b9a3

SHA1
d900cad04bb760d934c7ab29cbac2036c3276272

SHA256
cb03b38196a28b5a1359abb4ede5fd2a6a8f3ad4e7b649d9b47e95bae9f4b44f

SHA512
5b15d072c2aedf6f4072684b1673e69373f636b13ccc455c6d796b7784309b12d5a8180917337ae2a6890eec49263eb2ca5a86dcabbc7e1bbc2ce7c0d6454c9b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
8a3c8a762cba3b28b3d845f639b5bb73

SHA1
0b21ba3701b73c98eef1a1df2c99ca67988b3305

SHA256
44b27dc5a403adaad14464b418240afd50e4629952ad1d8dc1d338faa789db0b

SHA512
9bfd6e05bf0eed04c5e1e548604ee3d8c2a5551f19137af853bd19608c423364d66125c2ac9dd09dbddfca652099668b491a12c5394cd3e0b21fbd24df72430e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
53097b1bffc01c9988beef63b4a32caf

SHA1
7ecb2fe6c471f42057276164f97aa6fe1d0fd365

SHA256
6703c4837417774afbfcd19c4f92192a5389176c410819bcdbfac931810ac8b1

SHA512
c8f0fd6cdf471c68cec0fbaf79ccf8b7c242b4d38534cbdaae41db949cd4358f8219d79f0a4f214d3fbbe944097fa72b45144f7e6ad0c74b20984e744068ead0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_DB1F75E49483838D441E14A12D9769E8

Filesize
416B

MD5
ecce83fe4a7f2a300e67728894964817

SHA1
aa3729cae6501ac44328346e5e06a1da828cee40

SHA256
8fbd44c0fa42d1d0bb9b52b4f9767768590bd910838b9e2cd3f7cf9a946aa8b0

SHA512
7938270b0aa5077e4c872ba82aca6e3de31015df2e7d39917569378be54617b6eece298653013ca5071f277bc0e1423cda2c5b9c44f84cc120064a27f7ff47d9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\35DDEDF268117918D1D277A171D8DF7B_DB1F75E49483838D441E14A12D9769E8

Filesize
416B

MD5
7280ac372c71abad4ad15472775ccc8f

SHA1
57b0b60eeb0c3905229bb07e66bc7ff53c9a0c4f

SHA256
d32c61470519e5899cc01ed35867eb4c14ec496bf0d0c6db62de32792356a9ed

SHA512
6919efcab377194cfd588952c52b9a7ca0d0ad3a0954b2817095c808bcabbbbb1c2497e8cadfc60ef433ba67cf9abc5dcc27b268175b3a2dda2d57cd7c35b64d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
3a6bfa21c71a954b751c4d4b4bb98a06

SHA1
ab3dd12ed4649537c773913b033fd528912af7eb

SHA256
aa0f4d4b4bdcbd530e2c5e91bd3f769a500750cb43e7fefc7d53a6e05eceb50e

SHA512
ea2ccbae92b6ab1e949f384146a4f6537166a12b3c87b1b1ca407f080a30de80008b0fbb45c6e9c64c4694090dee4173c666fbd66aaf6ddca2367a924ae9ad1a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7bc0fb4fb2f82b945dcb1a4864b3a0de

SHA1
ab686e698d8d0b3480ff2805fa83a739dc77310c

SHA256
bdd8547e236d76ce56e4476ce7f954ab37e8dcec5730fb45b9000c90730a509f

SHA512
d1df3e7b3d4a80bed781e40d93169e3d28a3c7ecbd5995644dfebfbb6ac7c507d05e0f057f713e4b83b811b2a6db19106c78169b95d345f6b7ed9d032f9376bc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a2f228a64f7cb859d7f4a7244bd5988e

SHA1
2ece53b68ab03cb0fa7329e00c582dab73a68962

SHA256
a68bebfcbf0c3e82e21f6bfdf964c7f29f230106b973a6fe48aa051c965f1402

SHA512
278b78a2f43733af4957ccc1a87728584f7f539e4a60ec45fbb0ac3b0a567da7b7bba10a9bc6a43a9c1a24a0251c2a0cffb92a075f357dd00d4f4b00693a5fed

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
63123d970ef8771de1a6222bfc1af1db

SHA1
6eaf9d8c5b216d6c095dc5d190efb3cd915fa1eb

SHA256
b66dfc676ce968a27baa821d87c5d0b0b534a654b559aa0839919d80744a116d

SHA512
5e347f96eda125168a218df09d813e2bca7e05e99e86ed352ac143b8f8d9c81d521b2cf0f3d3b97b9f66da33f7b64fc1fd16a41a0134d30bbc4d8b5867926431

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f509e2eee882ba6d8676a4849ddab512

SHA1
367330a10c3b598aff7a8f66b2372d1c2b9575ef

SHA256
b2821d7152299549bbdbf8a5b907fdadaae2aa799a2489f927d8936dcf47fa71

SHA512
2e90e7184ed35c954faf37e3df11bb9eb3e3ee805d0995e50e2a37126d9734fcb0f46504488d4ca83ccb467b9ab058167c9787f23a2060579711093924886874

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
72f146a173d3fb57276903234b13f823

SHA1
7cdc137aabeeeeb5abd44f1a7b365a62902d6254

SHA256
ce6340cc01cc0034e62e839ec8f334f0cceb3f4e4c542106db642dae79050b58

SHA512
17f3a4e0dc275acd3b7b4d5de85d752969a663f8cf02e05a77d45e4c6e34c488892699199bfc13ac51f6a2f443121d54fc58a27af18ca317be280da91569085a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9e00ccdcb78b239c917cc8da9b2f4eae

SHA1
0e71ab45e621bde35b95b708b77d94c61ae4a250

SHA256
24d7619e8c979699cd8929a4c61319f0e6ed5067f44c2720dc9ba8bb9ed78291

SHA512
aa0671afb425b8703699885e9e53f3bf8f9107cc59e340b72b984f6deb81a7a6f4e5fde97e6d21565dbe90a8ec1ef28553c1dedcb2e25a30dab80a3bfbaeb951

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
55ed8dd1f2b80fcba5c6216987c4340d

SHA1
cc01298c46a3f306e3415ddec6cffd346e256acf

SHA256
b866594b613cd2b4d07383cd3ae1febdd31b7314eb0ade24697b4de1197de905

SHA512
2dbd4bc1314ca1550c5fa7b0ea3fa6e1e22dcb9bb2c773d632503264b5794d28853f201c0a225548f0e44c36971657f7444f038982da6b121af041337ef02d37

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b9bbdde68a9e5e1af7e06b1294e756ef

SHA1
57724a55cdb6734b93fd87f1f344d7c9c0df219f

SHA256
e8f17afcc48221ad6059999e3636e30ab7e83d07d7aab1176853b6d38259fb51

SHA512
cecaf27771e92e9a8df489562ae527ee439c2c0ab0262c4d49d7d35717867593324d46b4db014bea11a35bddf6b9ea00511a867c9e606353cbe68013f98ea257

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9d52f4963b0ce5ff6e89b7d03af1bf6d

SHA1
1cecf53a95e96d077c781d11beef40a8314b80b2

SHA256
7e3b730c5e6ff643e5f29413cddd9e53781a32621434121d199067f9bbb75607

SHA512
20696c71b71b3cb648d4dd1a46870b4860a6af40c9f23fbec0087f86409f8335255fa5377dc7c218cc9f2df2ada32293f4d9ac531665ec8e79644e1f0ce568a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
21a88bf6cc527e2ea44e5db92ec083c5

SHA1
e7012082ca496b3cec67a002106ec59137407644

SHA256
eddcd3813d90c893db6252a929dd1fd2c9e6610a501b0ddca3dc28edd872f7a3

SHA512
22c1523802134c6a488dac1328decfabd5482ffa3d29cd3883dd1187ec93f10779087d4e623a487d3e0149f7ca86ca524cac984b7d880fe4d7bfef8c75a1d0f5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e8121690bfc9e1224113154cd63e17bd

SHA1
1b300e24dadc1b71247e66c7ac2c07d32c38034e

SHA256
1035ee8c8f4849ef34fa98a774f442273982ba597a69527ee8651a007b3f396b

SHA512
7eed3c35d6a0bf21a3fd29cf1766b68df40bf841b3d1c99a77bd105d649350ad2162582ce3ee05099989d91b028b97a17c0cafc71e7dfef1f47b9dafe51f2410

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
bb27d0bb83127488c7d04e91823da972

SHA1
40ead26f4291834445ddb368cc1b00d0e2ffb981

SHA256
ad5307dec1af202cff7c3b445edb2d39c82fcaeccef1f6f68fe2b534479405cf

SHA512
33e6ebe7458ec04ff5a3788aeb880ef107cc0537f1d3d93e3e1b00aaa40b6269ae3dc21627189b9f667bef697461ca0a8b4fc7bddf006bae7bb8317bd94f100a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a18b3959d323743e90e13879c6ca6947

SHA1
43d8f8bb29bcc3c8752642005f677efab1877b01

SHA256
8f7b1f3341058b2eb85b56c8328079ab2a3fbef815e9dd58fc0fb1f8cdccefdd

SHA512
072dbcbe548cb2d43ec632762b81dd2ac502056563aab6237ac35c99578d2523b9d46668e109e22e3509f91de1b32a4e78e1917afaa44c7d6f4fdafc9ef67325

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
64ca22dbd6f6df68a91f77c3e674e0b1

SHA1
051156ddfdbe9b23c62cd9ca3d79d17ff65d813e

SHA256
678df6e2cf4d383311cc7d8d99cce33e054a0f739f1077a6e0b461a3e0400784

SHA512
2264cec8f3c38c2b9e181f759a4b9279d7af387f187bffa2fcb208fe796a1d083d2a87fd0a66d584a3b3165cb827721f99ceabbba89c242687e806e2426951f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
af9f30c26c6be9f389a30cf4b94eb106

SHA1
ece494dbcfc7d12d2177c03fb5c901948e1d5012

SHA256
721f0b424e21e0bf8d88a75dd8212d3c6efeb25bbd936c0015df8af98696b1d1

SHA512
b263f1d96dc277fa7511ab9bf45670fab42cc079889e868af2fe4f1299e6b6b17a1bfd57b9e3f782180d049e9102525ffaae0e46b7451d1107c3e4a03d9cb119

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
6bc016dd2ecec7cc0a0b61f8774cd5c2

SHA1
1e4d963d130884c0d8b93cd1978ba710000abd18

SHA256
c110255a18f2d5db4a0478941848ffd81db93187338ebf488e099f50ae91b812

SHA512
a7953e41f6ee676b91ad9d28ce5a86a5ed2f39613714de4ccef991692ba1c748f4ff559a78d0bcc4076aa43ae840ac454672c6590fd1e4b62f0c7ba2f3865790

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
8a82755786782b45baf31119cd4d0f11

SHA1
718a79621ba896530fc56d0ed8794ac9ad8b4da6

SHA256
63c0001245df387ddaeac65ec7a803fbaae634176073367ba0cafc53f1e14308

SHA512
db3a17f2fc9f7ad2a38461456b60a0ccd2946e7ab512624c3d464338967647ec7ff53a5f7664291e5d3939c45f1faebc87656476b9f1a2ed3f0620226291b29f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
35a09775ba54fad59a3332feab34db8b

SHA1
3c00afa5e3789af99f43426289a7f240b1279e78

SHA256
244123f1afa0655143ee8be7407f38314e70fbeea751e65d89ad699ebdce35ca

SHA512
f25e234734388abc223ef4e1665f460155f9350fe737beade9f52a847775d8a702c72b7412e2dd7f6bb4574b2caef03958be5f9baa71748d3ae0b3b885047950

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d58c09c0b062f54db86f4774d480c133

SHA1
777e775a4686db072326e176c2815eaf91dd095a

SHA256
bd7eedaff6a2fd0ad01f806569972aaca52f0b47716d44815a89a31dac04a29b

SHA512
d15c7f8213ab367da61aa7cce871195c9db0be786054e174324435ed80c2ffbd0b07f32bf5aa37057f38e731968fed4b7ba644f6c8474a0017bf7b922bf79a17

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d41cbbcb1055c68fe5d5e2ac87c39221

SHA1
cc95eba7f7c30867795cc232460b1049cf1e6131

SHA256
3a8783548536954ebee0dcea4c147dec3b63b7cb931be7f338d4368c7af2d542

SHA512
6cf04a9f983b42b77c0aaac2fbbd96eb4fd2ff7e67e5142513af69b470bfd354d8f52e834153acd9c3dd607eba9ae0128b468f623e52296541d5b72ad209f8e7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
f8dd863dd4fae5376cf8969611d3d35a

SHA1
42422a55e7f881052f0c1044cf19341fa1dbab75

SHA256
fd4edd2457f664f89f5afddede073a0304f93870a855504e8fcb1f72d1d1e487

SHA512
88373779f9d92aaa53c6a76cdac1ce5f8e7465cabe6a5f24bc7b3943eca17837c3acd8b1913da408e628e78c99443d7de3a16598f1beaa28ad617e78fd9648a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
ee33ad9f3fb7c5cd7c4f78c66f19413b

SHA1
d201b3dc360af4327f5fa2e9e7d9ab4662fee474

SHA256
6f7fd4f44be44e195354e8a9d2781a65cf6e408922c9c0cd0683d057632a37c4

SHA512
7504c5a03330c4a9cff158911370b3a4d8892bb08d29bbbdc18df635493641c03f471e1ef0030c7179790bc353e24312700f482f05345c545dcc8e1a3430f749

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
93555390e2769cef86245f69dd202606

SHA1
64cfc9c3d9a1325553ddabf2dfc4cf566f0567a2

SHA256
958f5acebbd0f14ac18c73a91af7e28b58b11d783a00ea31624719e3ec090339

SHA512
96c5a019bd6084e787884d25624b9ed4827dafe3649f3434cd6dc2e5f64daa5eae473e32c3723180d84ebb89e52daf7385f329b6a57744d700c65d0bfc71040a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
406B

MD5
16ba77b23dfb63d37cb78c72c1e483df

SHA1
e7a23aeb3ebfbc32ff3bfa91bad16ef4ad95dbef

SHA256
674ba99e586946ca65d1209924250659c41a02e0c76644f6f582072d8e4dd97f

SHA512
e6624fba79e4a3562869758e81ccaf132b5e76f5a9ffc60c09fc2e0be410835b962aa6735bc4fc8dca58b4fa6d155cad5682fd9b193d87c1259310d32353deef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
406B

MD5
a16ce3c54bb24410f73d28f7bfaaad22

SHA1
96da0fd514ef1ca76dddf8aef503a8fbfef3730e

SHA256
15b6a7f705268b883046c47d118e82ca04636c85f9e8c0daec835059d2368c5a

SHA512
6df54c4389305ea2491de24f6e39709dbe537ba2dc4172ae8c44f59d836cf6f6aefb3f3f7e63b1d1de66e47fe36b40fe9b036f0d9f028226862faf99a584b173

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_AC420C38BB74EA210EB13D87E9370DA6

Filesize
406B

MD5
8dd8317a34a883ed9313a0377a84941e

SHA1
7c57f545d8fdd0cf6f1c46c4fa69a4805b4f805a

SHA256
bbabbc7638b11225068864fcb4737706008ae10a3a986185ca43c149db2bb66c

SHA512
87f4856b6d5fde2447b3fd17d0e4171e4e6c1100a13347db849de5deb712157e15a1268a18c323ce1ae7089f4554b0ee4199ea3a08b03ef9d5f0d613c1108805

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
ab095b4161974c98b3cbd335956947d8

SHA1
258548fdc6c71ec70757d7aedbdef32daef60746

SHA256
0c8b60e74fb27f3c9a6ae499349b23cbbb465dc80eee54d42228c6268a115065

SHA512
780a3f4664b0e0522df6324879f6c94729a7085e1b9a78671ab78d21a633254d30c72171ade5183d274483abed9ebf0e806713414458d4fafc814fc19939af43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5DKX8QD5\platform_gapi.iframes.style.common[1].js

Filesize
54KB

MD5
7ef4bc18139bcdbdd14c5b58b0955a67

SHA1
afe44fd9a877f81a3c36f571c0fc934324c6cbd7

SHA256
192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838

SHA512
6c2920e80e4d5059588a32f75bc2b5dcc19f8d68224c0935d74f9fbf49476ca5b1ce43c279768f3d36871dfcec39f36db3fcad559c2f93cc540154cdbb04dec2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L9PN2QMY\admanager[1].js

Filesize
12KB

MD5
13e7e60e620d0b901dcdd56ca83efb0a

SHA1
ef10b874a38f12b4ab10a05cff740c94bd43b42e

SHA256
5c20fdc448a2558bdaeef32a2a9eef359fb32eb7db45d3bbc368989eb9d839a2

SHA512
6eeae4db1d4be9616e6b5b7628f490c65a517c8e133679eb92328c2e1077d28301ecbadd265a23203de312ee8843c6259ea5f1233e9812a4ee712f3538ee6023

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8A9A2DI\cb=gapi[1].js

Filesize
133KB

MD5
4d1bd282f5a3799d4e2880cf69af9269

SHA1
2ede61be138a7beaa7d6214aa278479dce258adb

SHA256
5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693

SHA512
615556b06959aae4229b228cd023f15526256311b5e06dc3c1b122dcbe1ff2f01863e09f5b86f600bcee885f180b5148e7813fde76d877b3e4a114a73169c349

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabAB10.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarAB13.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\TarACE6.tmp

Filesize
177KB

MD5
435a9ac180383f9fa094131b173a2f7b

SHA1
76944ea657a9db94f9a4bef38f88c46ed4166983

SHA256
67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

SHA512
1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request