Analysis

  • max time kernel
    140s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    02-06-2024 07:12

General

  • Target

    8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html

  • Size

    169KB

  • MD5

    8d45f73fbc46582d77f2ab3a4fdb33f5

  • SHA1

    f23607864239ce8d13dd0146ef1b04b8e59a3dab

  • SHA256

    178ed617afe183af7ab1622567b46d73fddc5d1bec00a938a6a8a7cd3ba50f49

  • SHA512

    8386fb60a850106ff71f1af360ae33bbf00e4628e98115341c26f2884ae82c4c35b5698df64b025fb07b9eef30487dc71a78b849f03dce48cc40a9247aab3886

  • SSDEEP

    3072:7ACDSQzQkBnUNvrPTA3w38fU7ienQpfQLPya+KIstwc/kBQmFDt46cOxfp7XRylg:UCGQz+l38fU7ienQpfQLPya+9stw4kBH

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2412 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1712

Network

  • flag-us
    DNS
    www.blogger.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.blogger.com
    IN A
    Response
    www.blogger.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.178.9
  • flag-us
    DNS
    ajax.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ajax.googleapis.com
    IN A
    Response
    ajax.googleapis.com
    IN A
    142.250.187.202
  • flag-us
    DNS
    apis.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apis.google.com
    IN A
    Response
    apis.google.com
    IN CNAME
    plus.l.google.com
    plus.l.google.com
    IN A
    142.250.200.14
  • flag-us
    DNS
    media.go2speed.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    media.go2speed.org
    IN A
    Response
    media.go2speed.org
    IN A
    13.33.187.75
    media.go2speed.org
    IN A
    13.33.187.7
    media.go2speed.org
    IN A
    13.33.187.56
    media.go2speed.org
    IN A
    13.33.187.40
  • flag-us
    DNS
    lh3.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh3.googleusercontent.com
    IN A
    Response
    lh3.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    resources.blogblog.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    resources.blogblog.com
    IN A
    Response
    resources.blogblog.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.178.9
  • flag-us
    DNS
    lh6.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh6.googleusercontent.com
    IN A
    Response
    lh6.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    lh4.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh4.googleusercontent.com
    IN A
    Response
    lh4.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    lh5.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh5.googleusercontent.com
    IN A
    Response
    lh5.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-gb
    GET
    https://apis.google.com/js/plusone.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /js/plusone.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Expires: Sun, 02 Jun 2024 07:12:46 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "f9177ff6f5150176"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 56667
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 28 May 2024 16:51:55 GMT
    Expires: Wed, 28 May 2025 16:51:55 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 May 2024 15:31:30 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 397251
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/js/platform:gapi.iframes.style.common.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.blogger.com/navbar.g?targetBlogID=8819915697409249125&blogName=+ANEUK+NANGGROU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://aneuknanggrou.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://aneuknanggrou.blogspot.com/&targetPostID=8370662184381629827&blogPostOrPageUrl=https://aneuknanggrou.blogspot.com/2014/05/biografi-benazir-bhutto.html&vt=5979749564130904002&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Sun, 02 Jun 2024 07:12:47 GMT
    Expires: Sun, 02 Jun 2024 07:12:47 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "ec623040ac7f59b9"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.blogger.com/navbar.g?targetBlogID=8819915697409249125&blogName=+ANEUK+NANGGROU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://aneuknanggrou.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://aneuknanggrou.blogspot.com/&targetPostID=8370662184381629827&blogPostOrPageUrl=https://aneuknanggrou.blogspot.com/2014/05/biografi-benazir-bhutto.html&vt=5979749564130904002&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 46050
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 31 May 2024 18:33:40 GMT
    Expires: Sat, 31 May 2025 18:33:40 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 May 2024 15:31:30 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 131947
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.202:443
    Request
    GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 33593
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 01 Jun 2024 15:52:58 GMT
    Expires: Sun, 01 Jun 2025 15:52:58 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Age: 55187
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 14806
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 28 May 2024 20:17:53 GMT
    Expires: Wed, 28 May 2025 20:17:53 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 May 2024 15:31:30 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 384893
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 6822
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 28 May 2024 16:39:37 GMT
    Expires: Wed, 28 May 2025 16:39:37 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Fri, 12 Jun 2020 07:20:00 GMT
    Content-Type: text/css
    Vary: Accept-Encoding
    Age: 397988
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/2488788848-widgets.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/widgets/2488788848-widgets.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 53049
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 02 Jun 2024 00:16:58 GMT
    Expires: Mon, 02 Jun 2025 00:16:58 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 23 Dec 2019 00:39:55 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 24947
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/static/v1/jsbin/1479000943-comment_from_post_iframe.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/jsbin/1479000943-comment_from_post_iframe.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 4585
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 30 May 2024 15:06:00 GMT
    Expires: Fri, 30 May 2025 15:06:00 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 23 Dec 2019 00:39:55 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 230805
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8819915697409249125&zx=25177ef1-8e5a-4ef6-8d34-dc97f448f6ba
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /dyn-css/authorization.css?targetBlogID=8819915697409249125&zx=25177ef1-8e5a-4ef6-8d34-dc97f448f6ba HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/css; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Last-Modified: Sun, 02 Jun 2024 07:12:46 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.blogger.com/navbar.g?targetBlogID=8819915697409249125&blogName=+ANEUK+NANGGROU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://aneuknanggrou.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://aneuknanggrou.blogspot.com/&targetPostID=8370662184381629827&blogPostOrPageUrl=https://aneuknanggrou.blogspot.com/2014/05/biografi-benazir-bhutto.html&vt=5979749564130904002&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /navbar.g?targetBlogID=8819915697409249125&blogName=+ANEUK+NANGGROU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://aneuknanggrou.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://aneuknanggrou.blogspot.com/&targetPostID=8370662184381629827&blogPostOrPageUrl=https://aneuknanggrou.blogspot.com/2014/05/biografi-benazir-bhutto.html&vt=5979749564130904002&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/html; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://resources.blogblog.com/img/icon18_wrench_allbkg.png
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /img/icon18_wrench_allbkg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: resources.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 475
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 01 Jun 2024 12:35:50 GMT
    Expires: Sat, 08 Jun 2024 12:35:50 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 31 May 2024 20:54:49 GMT
    Content-Type: image/png
    Age: 67015
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/proxy/hFg-Ly-xz76nSo-Uvi_BOs3P9YbRiNULWx-ldHxeCb8mwxARQzUZxMc8mRIlgPnjinaRYAm__x71RZ5EIlC7vjrdZ_opKd-tuocZUlXtFJ9JAiTZziiouo8P=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/hFg-Ly-xz76nSo-Uvi_BOs3P9YbRiNULWx-ldHxeCb8mwxARQzUZxMc8mRIlgPnjinaRYAm__x71RZ5EIlC7vjrdZ_opKd-tuocZUlXtFJ9JAiTZziiouo8P=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/proxy/icAZWhIx7zks7vrgSlZfDPSGaMwUGvTr78MJoUz3MrL-D3hcHoKMwtlPGksg7kIRXUKjNAlEWfp_THi-ELrVg11RKND6ZGPj-ikAiLbILWWfgzqOHistb9Ht=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/icAZWhIx7zks7vrgSlZfDPSGaMwUGvTr78MJoUz3MrL-D3hcHoKMwtlPGksg7kIRXUKjNAlEWfp_THi-ELrVg11RKND6ZGPj-ikAiLbILWWfgzqOHistb9Ht=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/proxy/7Jp_ee6p8k_wd2VqMx4BpBELTNo9X5oLLHqRWQDEBvGJqzuFIjGbCzDvDUYsPvDlDvOBCisprDFuXKD6cSqFXQpFo9e_IA79LUSrOkB8jCt9Y77LefSd-50T=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/7Jp_ee6p8k_wd2VqMx4BpBELTNo9X5oLLHqRWQDEBvGJqzuFIjGbCzDvDUYsPvDlDvOBCisprDFuXKD6cSqFXQpFo9e_IA79LUSrOkB8jCt9Y77LefSd-50T=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/301/IDJamTanganTerbaik468x60.jpg
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/301/IDJamTanganTerbaik468x60.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Content-Length: 17104
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Last-Modified: Mon, 21 Sep 2015 02:56:34 GMT
    ETag: "ab9818a39ad52a0d3f533a8db41399f5"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Hit from cloudfront
    Via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: IqYZpLpbBIwK4p03OA15kUoLXIwyS543P3CHXF--0PZSVX9g1dJGSA==
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/301/IDBigBrandSale468x60.gif
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/301/IDBigBrandSale468x60.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Content-Length: 16597
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Last-Modified: Wed, 26 Aug 2015 11:00:35 GMT
    ETag: "72a1f92cddcd5aebcf86a6a0d7c47499"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Hit from cloudfront
    Via: 1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: go1n2Do9CUrHg8RwFp90ZiAJvilPnzeEW0SGL1vsFs7YvVMaAmBp5w==
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/301/IDMurahMeriah468x60.gif
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/301/IDMurahMeriah468x60.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Content-Length: 25722
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:49 GMT
    Last-Modified: Fri, 05 Jun 2015 03:42:46 GMT
    ETag: "0ed9cee74d68a5c3d2e28aa107a5006c"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Hit from cloudfront
    Via: 1.1 a6ec089aa02839578670b49d128782c2.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: pY9N33vVTY6sqRYm9yLqGoFnSeU1P2TLn34_Cx5iCRN0Kx5sDa28OA==
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/301/IDSupplement468X60.jpg
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/301/IDSupplement468X60.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Content-Length: 14308
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Last-Modified: Wed, 25 Mar 2015 08:51:30 GMT
    ETag: "28f69d88e1e9bcd8058f25cf237c9f66"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Hit from cloudfront
    Via: 1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: 1kWDd8E6g9iujrABOPESEPzLToVA_iXmm6RkckqruzmsQsAw95DbSA==
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/4666/468x602.jpg
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/4666/468x602.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Content-Length: 17616
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Last-Modified: Mon, 02 May 2016 10:09:43 GMT
    ETag: "19f6db6d51c603f026b0650e3c626ad1"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Hit from cloudfront
    Via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: lOMgeWKHLb-qlhwfFIHs3U0ViIsYOPnU35930FK6pT7IwBC-gBwe_w==
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/301/IDSportsOutdoorsDiving468x60.gif
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/301/IDSportsOutdoorsDiving468x60.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Content-Length: 19687
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:49 GMT
    Last-Modified: Mon, 16 Mar 2015 07:09:55 GMT
    ETag: "9db73d9008400a0f98ca712ad66be8a7"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Miss from cloudfront
    Via: 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: gyHQtm0qZeBNOmfKLp75EnQG09oRuiO_w2zG3PbUKlvh2hk5cZATkQ==
  • flag-gb
    GET
    https://lh6.googleusercontent.com/proxy/GVP9MHfPL23sxsy1buZCSkcthJd6bDuR5lTPqWEBtQXKfjjtxIiYXGi1ERZA7-lwNHQc9u_y2Xt6cQEw3YBu0uDEkI6nxvkMl90Wbm2unkahWp7Q07u6XUP9=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/GVP9MHfPL23sxsy1buZCSkcthJd6bDuR5lTPqWEBtQXKfjjtxIiYXGi1ERZA7-lwNHQc9u_y2Xt6cQEw3YBu0uDEkI6nxvkMl90Wbm2unkahWp7Q07u6XUP9=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh6.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh6.googleusercontent.com/proxy/kgpD031uVQpqigQjCsy_fgW_HxZ2U2FYu5cV69BO8nSKRzNi5vGRjUNOJ9ovbnWC7VpbmjrxcsOXPkrZTHoK5RuCGYOdqNt04HmhBFwUADKPMo_hXbA3vkha=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/kgpD031uVQpqigQjCsy_fgW_HxZ2U2FYu5cV69BO8nSKRzNi5vGRjUNOJ9ovbnWC7VpbmjrxcsOXPkrZTHoK5RuCGYOdqNt04HmhBFwUADKPMo_hXbA3vkha=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh6.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh6.googleusercontent.com/proxy/KeB_k1N-ekf_29zqPk7dOIlaO7o4zxXHSTiYuEzZPRPAH9vaiW7fscqohIkVrXeUXqh4-Ob_E7Ohbw92_rAwcgyTECLldXFgSZqiVwYzlrkDKGOl4xOjyIGiN2eS4gn2ER5OqeWAWqI82CrOEQ=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/KeB_k1N-ekf_29zqPk7dOIlaO7o4zxXHSTiYuEzZPRPAH9vaiW7fscqohIkVrXeUXqh4-Ob_E7Ohbw92_rAwcgyTECLldXFgSZqiVwYzlrkDKGOl4xOjyIGiN2eS4gn2ER5OqeWAWqI82CrOEQ=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh6.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:13:05 GMT
    Server: fife
    Content-Length: 1731
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh6.googleusercontent.com/proxy/MgM4Q_INtNRHV9Nm2NUIK_fDR7NeEYCFBxKSakOGrQieNv52hP2I5IFq5Y_arln8G1H2gk2cMxcaX0SWWpxL4gDnP47l7uVOqAQK_8ptZtUjq5zRbxMugvyItfdFpqlgzHLwneymqdDW-ETi4O8=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/MgM4Q_INtNRHV9Nm2NUIK_fDR7NeEYCFBxKSakOGrQieNv52hP2I5IFq5Y_arln8G1H2gk2cMxcaX0SWWpxL4gDnP47l7uVOqAQK_8ptZtUjq5zRbxMugvyItfdFpqlgzHLwneymqdDW-ETi4O8=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh6.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:50 GMT
    Server: fife
    Content-Length: 1732
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh4.googleusercontent.com/proxy/CPPS0AAnxF_uMt2epUr6edds8cCLhPNUnzinIRXqB-XpNkuGHJVq2sjF6h4zL9T1RsAxuzMVwFtwnxPyFGCf50yyuu1qVWIcq4TbhOAuGy5oPI24N28ivDuX=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/CPPS0AAnxF_uMt2epUr6edds8cCLhPNUnzinIRXqB-XpNkuGHJVq2sjF6h4zL9T1RsAxuzMVwFtwnxPyFGCf50yyuu1qVWIcq4TbhOAuGy5oPI24N28ivDuX=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh4.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh4.googleusercontent.com/proxy/DNIBVFdwMugjjp4YZlsiOFMYfHcnilHgQb4LLXlEf5FIVipNvJD10FRsTN0R_mjeFW1W8EbFLJvsx4SmqdDAM318th4v4h-P643cTyc5Sl4bOXzZWJhG5pyt=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/DNIBVFdwMugjjp4YZlsiOFMYfHcnilHgQb4LLXlEf5FIVipNvJD10FRsTN0R_mjeFW1W8EbFLJvsx4SmqdDAM318th4v4h-P643cTyc5Sl4bOXzZWJhG5pyt=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh4.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1692
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh4.googleusercontent.com/proxy/prt9qvwl9O4ClboHpkt4PEdt2pcsAQpiSNc_lRIRk1gEEzjUAlw3N2G6_Jc6wiQygzHMydFyT-4FakwKhL5m_Q3mHlI6GQV3_XgyhIhJPjboEbFM4dHtXtPZbyRg9V1to1cR-9FZD1fTqP8K9XFR8sav5PfbhxPO2HV3PwNVjO98Vd_h8nfKHLUhN6AHWcnb64oJ=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/prt9qvwl9O4ClboHpkt4PEdt2pcsAQpiSNc_lRIRk1gEEzjUAlw3N2G6_Jc6wiQygzHMydFyT-4FakwKhL5m_Q3mHlI6GQV3_XgyhIhJPjboEbFM4dHtXtPZbyRg9V1to1cR-9FZD1fTqP8K9XFR8sav5PfbhxPO2HV3PwNVjO98Vd_h8nfKHLUhN6AHWcnb64oJ=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh4.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1781
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/bA_y_9rN6nlLqwzTpsPGZVRt4DY4D4cQZ0AjgHrQOMg38cuJaGChREpJIq8XJh39hQztYRkVLN0VPgFYNBLdXlABQl_rctjp1d6MWQ2ZJejjJE_bDIWv=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/bA_y_9rN6nlLqwzTpsPGZVRt4DY4D4cQZ0AjgHrQOMg38cuJaGChREpJIq8XJh39hQztYRkVLN0VPgFYNBLdXlABQl_rctjp1d6MWQ2ZJejjJE_bDIWv=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 1688
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/Z_Unx2xTOOQ8OgMtgg3MajZC1APWcju_DOKMYvfCX436z59zIfRs2UOv9tLVtUzI1ENxs6FuF_YhWEMs8MUc0UMuXcMKkQ0rQvSDpD88TenJbG7FFno2wYuYmoRzwyNV4JG3kaR17LWR5lWXwdlm2AOw92bHuWGoqNpsTw=s0-d
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/Z_Unx2xTOOQ8OgMtgg3MajZC1APWcju_DOKMYvfCX436z59zIfRs2UOv9tLVtUzI1ENxs6FuF_YhWEMs8MUc0UMuXcMKkQ0rQvSDpD88TenJbG7FFno2wYuYmoRzwyNV4JG3kaR17LWR5lWXwdlm2AOw92bHuWGoqNpsTw=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Mon, 03 Jun 2024 07:12:46 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: attachment;filename="unnamed.jpg"
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 12333
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/_g7N5ViRFcj27H0pDEVsuH18f2kXgTAf-6JrpQC4rnlTbTg52t0c38auqL3MmaPXNEV0uwuycIWeu8SB2q3MvQNIQfkrQGgZC0drQLTzY-FNLfIFpKTcCBi0EclyZAv184F8DnBa5M_-N1MjaoIGizmyEojEMb6AN3zwkU10VEvnFv4DjSzp_AX1gUSe-1DvNX7yUo6pNIILoKA_FeJ8KHBf3DKZvaG4tBz0=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/_g7N5ViRFcj27H0pDEVsuH18f2kXgTAf-6JrpQC4rnlTbTg52t0c38auqL3MmaPXNEV0uwuycIWeu8SB2q3MvQNIQfkrQGgZC0drQLTzY-FNLfIFpKTcCBi0EclyZAv184F8DnBa5M_-N1MjaoIGizmyEojEMb6AN3zwkU10VEvnFv4DjSzp_AX1gUSe-1DvNX7yUo6pNIILoKA_FeJ8KHBf3DKZvaG4tBz0=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Mon, 03 Jun 2024 07:12:46 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="unnamed.jpg"
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 6046
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/8Je5gHPAFW9PxIyRfEQ337DNWCv_7YHvgnFk1w8yJxEZ9uIWCdgNl3b4QQtdWcc3Qb8p6P7z1cbVQbrlgSSiCQYKitpExs819xhUd8tw1EmOYw=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/8Je5gHPAFW9PxIyRfEQ337DNWCv_7YHvgnFk1w8yJxEZ9uIWCdgNl3b4QQtdWcc3Qb8p6P7z1cbVQbrlgSSiCQYKitpExs819xhUd8tw1EmOYw=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Mon, 03 Jun 2024 07:12:46 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="unnamed.jpg"
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 4142
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/mMv7xUh3qfb3RWeaGqiWn8L_dpxYY-Bzd-oqhjEPlL4OyZ8CMWM79dFUTtR3wdste6hGZeQnFte-7uM5NfWHz4vwBszQvrtcDXPtjhpfdGNBewAB3o-zP8QzGUHC1fU7KQoRNrtiuO1EreNOLTW7Yxj3vRMfTF-fVIHKXYDuysMtNmLq_25tjwbBPpyRxXzOZUN3xzCxHWBUk2uaKJAy1_iz_7_7SwSuVcfbuOFE2cLJoxJ4f2KXrHsNGSVIlKsICq_BhD5ntB5ajcHTikZ-9WdeRqhk-EuD6yHCmI071IRQmzzAYdJWMAVrc3xZvotMMp9kd9u44aRCQKwfCmvgKfsTenkaSLxuDqIDf0QJOmvYQxwcaUNbIot-kxUrXw4w2kiG0lk-0d9_xz3-362BscphMCbD8qtSOYegV4Iq93Y_yaBY1b4Qd77m2Fxzm5U1Q3x4WeSqnHoTIOHMFUdyDZeIWtUzZdwxBStdg4Zj0uYrujUGq1-kzQ2ez6wKyA1kbLgg1sga-ovzSYBgmw4a8a1x55vXhG7kWqS2fucMR_74PZAU5EajqEaW4PIPhNFPfni-V5CwFR8vjIE_sNpYM8uu-oSU_hsp2mceQmALbLzE83KgZCFiJFDH8U1bRAqXeC6_Aup3JA0iXVo-YQMjRCP3bclvWFPS2bHZ8b8CCuCbwPrLOnxnQXsKw0Jch7FIUuPvS4gx7IaU8QdKTDWV0gSPMnDOcY-Dab8=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/mMv7xUh3qfb3RWeaGqiWn8L_dpxYY-Bzd-oqhjEPlL4OyZ8CMWM79dFUTtR3wdste6hGZeQnFte-7uM5NfWHz4vwBszQvrtcDXPtjhpfdGNBewAB3o-zP8QzGUHC1fU7KQoRNrtiuO1EreNOLTW7Yxj3vRMfTF-fVIHKXYDuysMtNmLq_25tjwbBPpyRxXzOZUN3xzCxHWBUk2uaKJAy1_iz_7_7SwSuVcfbuOFE2cLJoxJ4f2KXrHsNGSVIlKsICq_BhD5ntB5ajcHTikZ-9WdeRqhk-EuD6yHCmI071IRQmzzAYdJWMAVrc3xZvotMMp9kd9u44aRCQKwfCmvgKfsTenkaSLxuDqIDf0QJOmvYQxwcaUNbIot-kxUrXw4w2kiG0lk-0d9_xz3-362BscphMCbD8qtSOYegV4Iq93Y_yaBY1b4Qd77m2Fxzm5U1Q3x4WeSqnHoTIOHMFUdyDZeIWtUzZdwxBStdg4Zj0uYrujUGq1-kzQ2ez6wKyA1kbLgg1sga-ovzSYBgmw4a8a1x55vXhG7kWqS2fucMR_74PZAU5EajqEaW4PIPhNFPfni-V5CwFR8vjIE_sNpYM8uu-oSU_hsp2mceQmALbLzE83KgZCFiJFDH8U1bRAqXeC6_Aup3JA0iXVo-YQMjRCP3bclvWFPS2bHZ8b8CCuCbwPrLOnxnQXsKw0Jch7FIUuPvS4gx7IaU8QdKTDWV0gSPMnDOcY-Dab8=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 02 Jun 2024 07:12:46 GMT
    Server: fife
    Content-Length: 2324
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    GET
    https://media.go2speed.org/brand/files/lazada/301/IDNikonCanonDSLR468x60.gif
    IEXPLORE.EXE
    Remote address:
    13.33.187.75:443
    Request
    GET /brand/files/lazada/301/IDNikonCanonDSLR468x60.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: media.go2speed.org
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Content-Length: 10318
    Connection: keep-alive
    Date: Sun, 02 Jun 2024 07:12:49 GMT
    Last-Modified: Wed, 24 Jun 2015 07:12:06 GMT
    ETag: "b318940d9172ee946d395b244f4d53b2"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Miss from cloudfront
    Via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: FRA60-P9
    X-Amz-Cf-Id: 66QF1znUUFbW1daGCC2pgrx4LlVDazYAvJdjl3KV4ncCPyjrfUFgew==
  • flag-us
    DNS
    themes.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    themes.googleusercontent.com
    IN A
    Response
    themes.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-gb
    GET
    https://themes.googleusercontent.com/static/fonts/roboto/v10/2UX7WLTfW3W8TclTUvlFyQ.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /static/fonts/roboto/v10/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 21132
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 01 Jun 2024 22:02:21 GMT
    Expires: Sun, 01 Jun 2025 22:02:21 GMT
    Cache-Control: public, max-age=31536000
    Age: 33025
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://themes.googleusercontent.com/static/fonts/roboto/v10/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /static/fonts/roboto/v10/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 20636
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 01 Jun 2024 13:39:28 GMT
    Expires: Sun, 01 Jun 2025 13:39:28 GMT
    Cache-Control: public, max-age=31536000
    Age: 63198
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 21520
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 02 Jun 2024 06:58:42 GMT
    Expires: Mon, 02 Jun 2025 06:58:42 GMT
    Cache-Control: public, max-age=31536000
    Age: 844
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://themes.googleusercontent.com/static/fonts/roboto/v10/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /static/fonts/roboto/v10/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 19812
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 01 Jun 2024 12:21:03 GMT
    Expires: Sun, 01 Jun 2025 12:21:03 GMT
    Cache-Control: public, max-age=31536000
    Age: 67903
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://themes.googleusercontent.com/static/fonts/roboto/v10/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /static/fonts/roboto/v10/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 22396
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 31 May 2024 02:49:19 GMT
    Expires: Sat, 31 May 2025 02:49:19 GMT
    Cache-Control: public, max-age=31536000
    Age: 188607
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://themes.googleusercontent.com/static/fonts/roboto/v10/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /static/fonts/roboto/v10/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 19973
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 01 Jun 2024 23:48:39 GMT
    Expires: Sun, 01 Jun 2025 23:48:39 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Vary: Accept-Encoding
    Age: 26647
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    jqueryapi.info
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jqueryapi.info
    IN A
    Response
    jqueryapi.info
    IN A
    45.56.79.23
    jqueryapi.info
    IN A
    198.58.118.167
    jqueryapi.info
    IN A
    45.33.23.183
    jqueryapi.info
    IN A
    96.126.123.244
    jqueryapi.info
    IN A
    45.79.19.196
    jqueryapi.info
    IN A
    45.33.2.79
    jqueryapi.info
    IN A
    173.255.194.134
    jqueryapi.info
    IN A
    72.14.185.43
    jqueryapi.info
    IN A
    45.33.18.44
    jqueryapi.info
    IN A
    45.33.30.197
    jqueryapi.info
    IN A
    72.14.178.174
    jqueryapi.info
    IN A
    45.33.20.235
  • flag-us
    DNS
    aneuknanggrou.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    aneuknanggrou.blogspot.com
    IN A
    Response
    aneuknanggrou.blogspot.com
    IN CNAME
    blogspot.l.googleusercontent.com
    blogspot.l.googleusercontent.com
    IN A
    142.250.200.1
  • flag-us
    GET
    http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html
    IEXPLORE.EXE
    Remote address:
    45.56.79.23:80
    Request
    GET /?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: jqueryapi.info
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    server: openresty/1.13.6.1
    date: Sun, 02 Jun 2024 07:12:46 GMT
    content-type: application/javascript
    content-length: 157
    last-modified: Tue, 10 Jan 2023 21:36:11 GMT
    etag: "63bdda4b-9d"
    accept-ranges: bytes
    connection: close
  • flag-gb
    GET
    https://aneuknanggrou.blogspot.com/2014/05/biografi-ahok-basuki-tjahaja-purnama.html
    IEXPLORE.EXE
    Remote address:
    142.250.200.1:443
    Request
    GET /2014/05/biografi-ahok-basuki-tjahaja-purnama.html HTTP/1.1
    Accept-Language: en-US
    Accept: text/html, */*; q=0.01
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: aneuknanggrou.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Content-Encoding: gzip
    Date: Sun, 02 Jun 2024 07:12:47 GMT
    Expires: Sun, 02 Jun 2024 07:12:47 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    Content-Security-Policy: frame-ancestors 'self'
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://aneuknanggrou.blogspot.com/feeds/posts/summary/-/Biografi%20Tokoh%20Dunia?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex
    IEXPLORE.EXE
    Remote address:
    142.250.200.1:443
    Request
    GET /feeds/posts/summary/-/Biografi%20Tokoh%20Dunia?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: aneuknanggrou.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: text/html; charset=UTF-8
    Date: Sun, 02 Jun 2024 07:12:47 GMT
    Server: Blogger Render Server 1.0
    Content-Length: 3187
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    s10.histats.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s10.histats.com
    IN A
    Response
    s10.histats.com
    IN CNAME
    s10.histats.com.cdn.cloudflare.net
    s10.histats.com.cdn.cloudflare.net
    IN A
    104.20.18.71
    s10.histats.com.cdn.cloudflare.net
    IN A
    104.20.19.71
  • flag-us
    GET
    http://s10.histats.com/js15.js
    IEXPLORE.EXE
    Remote address:
    104.20.18.71:80
    Request
    GET /js15.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s10.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 02 Jun 2024 07:12:47 GMT
    Content-Type: text/javascript
    Content-Length: 4405
    Connection: keep-alive
    Content-Encoding: gzip
    ETag: "980881274"
    Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
    Vary: Accept-Encoding
    Cache-Control: max-age=28800
    CF-Cache-Status: HIT
    Age: 43179
    Accept-Ranges: bytes
    Server: cloudflare
    CF-RAY: 88d5a3166f936334-LHR
  • flag-us
    DNS
    s4.histats.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s4.histats.com
    IN A
    Response
    s4.histats.com
    IN A
    149.56.240.132
    s4.histats.com
    IN A
    149.56.240.131
    s4.histats.com
    IN A
    149.56.240.130
    s4.histats.com
    IN A
    149.56.240.129
    s4.histats.com
    IN A
    54.39.128.162
    s4.histats.com
    IN A
    149.56.240.127
    s4.histats.com
    IN A
    158.69.254.144
    s4.histats.com
    IN A
    149.56.240.27
    s4.histats.com
    IN A
    142.4.219.198
    s4.histats.com
    IN A
    149.56.240.128
    s4.histats.com
    IN A
    54.39.156.32
    s4.histats.com
    IN A
    149.56.240.31
    s4.histats.com
    IN A
    54.39.128.117
  • flag-ca
    GET
    https://s4.histats.com/stats/2738768.php?2738768&@f16&@g1&@h1&@i1&@j1717312365439&@k0&@l1&@mBiografi%20Benazir%20Bhutto%20-%20ANEUK%20NANGGROU&@n0&@o1000&@q0&@r0&@s423&@ten-US&@u1280&@b1:-164061990&@b3:1717312365&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html&@w
    IEXPLORE.EXE
    Remote address:
    149.56.240.132:443
    Request
    GET /stats/2738768.php?2738768&@f16&@g1&@h1&@i1&@j1717312365439&@k0&@l1&@mBiografi%20Benazir%20Bhutto%20-%20ANEUK%20NANGGROU&@n0&@o1000&@q0&@r0&@s423&@ten-US&@u1280&@b1:-164061990&@b3:1717312365&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html&@w HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s4.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 02 Jun 2024 07:12:56 GMT
    Content-Type: text/html;charset=UTF-8
    Content-Length: 430
    Connection: close
  • flag-gb
    GET
    https://aneuknanggrou.blogspot.com/2014/05/biografi-benjamin-franklin.html
    IEXPLORE.EXE
    Remote address:
    142.250.200.1:443
    Request
    GET /2014/05/biografi-benjamin-franklin.html HTTP/1.1
    Accept-Language: en-US
    Accept: text/html, */*; q=0.01
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: aneuknanggrou.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Security-Policy: upgrade-insecure-requests
    Content-Security-Policy-Report-Only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
    Report-To: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
    Content-Type: text/html; charset=UTF-8
    Content-Encoding: gzip
    Date: Sun, 02 Jun 2024 07:12:47 GMT
    Expires: Sun, 02 Jun 2024 07:12:47 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    GET
    https://s10.histats.com/counters/cc_423.js
    IEXPLORE.EXE
    Remote address:
    104.20.18.71:443
    Request
    GET /counters/cc_423.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s10.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Content-Type: text/javascript
    Content-Length: 6740
    Connection: keep-alive
    Content-Encoding: gzip
    ETag: "290238187"
    Last-Modified: Thu, 16 Apr 2020 10:45:32 GMT
    Vary: Accept-Encoding
    Cache-Control: max-age=28800
    CF-Cache-Status: HIT
    Age: 78314
    Accept-Ranges: bytes
    Server: cloudflare
    CF-RAY: 88d5a3212e9b79ba-LHR
  • flag-us
    DNS
    apps.identrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apps.identrust.com
    IN A
    Response
    apps.identrust.com
    IN CNAME
    identrust.edgesuite.net
    identrust.edgesuite.net
    IN CNAME
    a1952.dscq.akamai.net
    a1952.dscq.akamai.net
    IN A
    23.63.101.152
    a1952.dscq.akamai.net
    IN A
    23.63.101.153
  • flag-nl
    GET
    http://apps.identrust.com/roots/dstrootcax3.p7c
    IEXPLORE.EXE
    Remote address:
    23.63.101.152:80
    Request
    GET /roots/dstrootcax3.p7c HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: apps.identrust.com
    Response
    HTTP/1.1 200 OK
    X-XSS-Protection: 1; mode=block
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    X-Robots-Tag: noindex
    Referrer-Policy: same-origin
    Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
    ETag: "37d-6079b8c0929c0"
    Accept-Ranges: bytes
    Content-Length: 893
    X-Content-Type-Options: nosniff
    X-Frame-Options: sameorigin
    Content-Type: application/pkcs7-mime
    Cache-Control: max-age=3600
    Expires: Sun, 02 Jun 2024 08:12:48 GMT
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Connection: keep-alive
  • flag-us
    DNS
    x2.c.lencr.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    x2.c.lencr.org
    IN A
    Response
    x2.c.lencr.org
    IN CNAME
    crl.root-x1.letsencrypt.org.edgekey.net
    crl.root-x1.letsencrypt.org.edgekey.net
    IN CNAME
    e8652.dscx.akamaiedge.net
    e8652.dscx.akamaiedge.net
    IN A
    23.55.97.11
  • flag-be
    GET
    http://x2.c.lencr.org/
    IEXPLORE.EXE
    Remote address:
    23.55.97.11:80
    Request
    GET / HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: x2.c.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/pkix-crl
    Last-Modified: Mon, 12 Feb 2024 22:07:27 GMT
    ETag: "65ca969f-12b"
    Cache-Control: max-age=3600
    Expires: Sun, 02 Jun 2024 08:12:48 GMT
    Date: Sun, 02 Jun 2024 07:12:48 GMT
    Content-Length: 299
    Connection: keep-alive
  • flag-ca
    GET
    https://s4.histats.com/stats/e.php?2738768&@Ab&@R2592&@w
    IEXPLORE.EXE
    Remote address:
    149.56.240.132:443
    Request
    GET /stats/e.php?2738768&@Ab&@R2592&@w HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s4.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 02 Jun 2024 07:13:41 GMT
    Content-Type: text/html;charset=UTF-8
    Content-Length: 430
    Connection: close
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    2.21.17.194
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    2.21.17.194
  • 142.250.187.202:443
    ajax.googleapis.com
    tls
    IEXPLORE.EXE
    704 B
    5.0kB
    9
    8
  • 142.250.200.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    tls, http
    IEXPLORE.EXE
    6.3kB
    162.6kB
    73
    127

    HTTP Request

    GET https://apis.google.com/js/plusone.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/js/platform:gapi.iframes.style.common.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

    HTTP Response

    200
  • 142.250.187.202:443
    https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
    tls, http
    IEXPLORE.EXE
    1.7kB
    41.5kB
    25
    35

    HTTP Request

    GET https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

    HTTP Response

    200
  • 142.250.200.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs
    tls, http
    IEXPLORE.EXE
    1.5kB
    21.3kB
    17
    21

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

    HTTP Response

    200
  • 142.250.178.9:443
    www.blogger.com
    tls
    IEXPLORE.EXE
    752 B
    4.8kB
    10
    9
  • 142.250.178.9:443
    https://www.blogger.com/static/v1/widgets/2488788848-widgets.js
    tls, http
    IEXPLORE.EXE
    2.5kB
    69.2kB
    35
    55

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/2488788848-widgets.js

    HTTP Response

    200
  • 142.250.178.9:443
    www.blogger.com
    tls
    IEXPLORE.EXE
    752 B
    4.8kB
    10
    9
  • 142.250.178.9:443
    https://www.blogger.com/navbar.g?targetBlogID=8819915697409249125&blogName=+ANEUK+NANGGROU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://aneuknanggrou.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://aneuknanggrou.blogspot.com/&targetPostID=8370662184381629827&blogPostOrPageUrl=https://aneuknanggrou.blogspot.com/2014/05/biografi-benazir-bhutto.html&vt=5979749564130904002&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    tls, http
    IEXPLORE.EXE
    2.7kB
    16.1kB
    20
    23

    HTTP Request

    GET https://www.blogger.com/static/v1/jsbin/1479000943-comment_from_post_iframe.js

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8819915697409249125&zx=25177ef1-8e5a-4ef6-8d34-dc97f448f6ba

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/navbar.g?targetBlogID=8819915697409249125&blogName=+ANEUK+NANGGROU&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://aneuknanggrou.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://aneuknanggrou.blogspot.com/&targetPostID=8370662184381629827&blogPostOrPageUrl=https://aneuknanggrou.blogspot.com/2014/05/biografi-benazir-bhutto.html&vt=5979749564130904002&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

    HTTP Response

    200
  • 142.250.178.9:443
    resources.blogblog.com
    tls
    IEXPLORE.EXE
    759 B
    4.8kB
    10
    9
  • 142.250.178.9:443
    https://resources.blogblog.com/img/icon18_wrench_allbkg.png
    tls, http
    IEXPLORE.EXE
    1.2kB
    7.1kB
    13
    11

    HTTP Request

    GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

    HTTP Response

    200
  • 172.217.16.225:443
    https://lh3.googleusercontent.com/proxy/hFg-Ly-xz76nSo-Uvi_BOs3P9YbRiNULWx-ldHxeCb8mwxARQzUZxMc8mRIlgPnjinaRYAm__x71RZ5EIlC7vjrdZ_opKd-tuocZUlXtFJ9JAiTZziiouo8P=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.9kB
    13
    15

    HTTP Request

    GET https://lh3.googleusercontent.com/proxy/hFg-Ly-xz76nSo-Uvi_BOs3P9YbRiNULWx-ldHxeCb8mwxARQzUZxMc8mRIlgPnjinaRYAm__x71RZ5EIlC7vjrdZ_opKd-tuocZUlXtFJ9JAiTZziiouo8P=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh3.googleusercontent.com/proxy/icAZWhIx7zks7vrgSlZfDPSGaMwUGvTr78MJoUz3MrL-D3hcHoKMwtlPGksg7kIRXUKjNAlEWfp_THi-ELrVg11RKND6ZGPj-ikAiLbILWWfgzqOHistb9Ht=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.8kB
    12
    14

    HTTP Request

    GET https://lh3.googleusercontent.com/proxy/icAZWhIx7zks7vrgSlZfDPSGaMwUGvTr78MJoUz3MrL-D3hcHoKMwtlPGksg7kIRXUKjNAlEWfp_THi-ELrVg11RKND6ZGPj-ikAiLbILWWfgzqOHistb9Ht=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh3.googleusercontent.com/proxy/7Jp_ee6p8k_wd2VqMx4BpBELTNo9X5oLLHqRWQDEBvGJqzuFIjGbCzDvDUYsPvDlDvOBCisprDFuXKD6cSqFXQpFo9e_IA79LUSrOkB8jCt9Y77LefSd-50T=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.9kB
    13
    15

    HTTP Request

    GET https://lh3.googleusercontent.com/proxy/7Jp_ee6p8k_wd2VqMx4BpBELTNo9X5oLLHqRWQDEBvGJqzuFIjGbCzDvDUYsPvDlDvOBCisprDFuXKD6cSqFXQpFo9e_IA79LUSrOkB8jCt9Y77LefSd-50T=s0-d

    HTTP Response

    404
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/301/IDJamTanganTerbaik468x60.jpg
    tls, http
    IEXPLORE.EXE
    1.5kB
    24.8kB
    17
    24

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/301/IDJamTanganTerbaik468x60.jpg

    HTTP Response

    200
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/301/IDBigBrandSale468x60.gif
    tls, http
    IEXPLORE.EXE
    1.4kB
    24.2kB
    16
    23

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/301/IDBigBrandSale468x60.gif

    HTTP Response

    200
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/301/IDMurahMeriah468x60.gif
    tls, http
    IEXPLORE.EXE
    1.7kB
    33.7kB
    21
    32

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/301/IDMurahMeriah468x60.gif

    HTTP Response

    200
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/301/IDSupplement468X60.jpg
    tls, http
    IEXPLORE.EXE
    1.4kB
    21.8kB
    16
    22

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/301/IDSupplement468X60.jpg

    HTTP Response

    200
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/4666/468x602.jpg
    tls, http
    IEXPLORE.EXE
    1.5kB
    25.2kB
    17
    24

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/4666/468x602.jpg

    HTTP Response

    200
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/301/IDSportsOutdoorsDiving468x60.gif
    tls, http
    IEXPLORE.EXE
    1.5kB
    27.4kB
    18
    27

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/301/IDSportsOutdoorsDiving468x60.gif

    HTTP Response

    200
  • 172.217.16.225:443
    https://lh6.googleusercontent.com/proxy/GVP9MHfPL23sxsy1buZCSkcthJd6bDuR5lTPqWEBtQXKfjjtxIiYXGi1ERZA7-lwNHQc9u_y2Xt6cQEw3YBu0uDEkI6nxvkMl90Wbm2unkahWp7Q07u6XUP9=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.8kB
    12
    14

    HTTP Request

    GET https://lh6.googleusercontent.com/proxy/GVP9MHfPL23sxsy1buZCSkcthJd6bDuR5lTPqWEBtQXKfjjtxIiYXGi1ERZA7-lwNHQc9u_y2Xt6cQEw3YBu0uDEkI6nxvkMl90Wbm2unkahWp7Q07u6XUP9=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh6.googleusercontent.com/proxy/kgpD031uVQpqigQjCsy_fgW_HxZ2U2FYu5cV69BO8nSKRzNi5vGRjUNOJ9ovbnWC7VpbmjrxcsOXPkrZTHoK5RuCGYOdqNt04HmhBFwUADKPMo_hXbA3vkha=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.9kB
    12
    15

    HTTP Request

    GET https://lh6.googleusercontent.com/proxy/kgpD031uVQpqigQjCsy_fgW_HxZ2U2FYu5cV69BO8nSKRzNi5vGRjUNOJ9ovbnWC7VpbmjrxcsOXPkrZTHoK5RuCGYOdqNt04HmhBFwUADKPMo_hXbA3vkha=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh6.googleusercontent.com/proxy/KeB_k1N-ekf_29zqPk7dOIlaO7o4zxXHSTiYuEzZPRPAH9vaiW7fscqohIkVrXeUXqh4-Ob_E7Ohbw92_rAwcgyTECLldXFgSZqiVwYzlrkDKGOl4xOjyIGiN2eS4gn2ER5OqeWAWqI82CrOEQ=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.9kB
    12
    14

    HTTP Request

    GET https://lh6.googleusercontent.com/proxy/KeB_k1N-ekf_29zqPk7dOIlaO7o4zxXHSTiYuEzZPRPAH9vaiW7fscqohIkVrXeUXqh4-Ob_E7Ohbw92_rAwcgyTECLldXFgSZqiVwYzlrkDKGOl4xOjyIGiN2eS4gn2ER5OqeWAWqI82CrOEQ=w72-h72-p-k-no-nu

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh6.googleusercontent.com/proxy/MgM4Q_INtNRHV9Nm2NUIK_fDR7NeEYCFBxKSakOGrQieNv52hP2I5IFq5Y_arln8G1H2gk2cMxcaX0SWWpxL4gDnP47l7uVOqAQK_8ptZtUjq5zRbxMugvyItfdFpqlgzHLwneymqdDW-ETi4O8=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.9kB
    12
    14

    HTTP Request

    GET https://lh6.googleusercontent.com/proxy/MgM4Q_INtNRHV9Nm2NUIK_fDR7NeEYCFBxKSakOGrQieNv52hP2I5IFq5Y_arln8G1H2gk2cMxcaX0SWWpxL4gDnP47l7uVOqAQK_8ptZtUjq5zRbxMugvyItfdFpqlgzHLwneymqdDW-ETi4O8=w72-h72-p-k-no-nu

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh4.googleusercontent.com/proxy/CPPS0AAnxF_uMt2epUr6edds8cCLhPNUnzinIRXqB-XpNkuGHJVq2sjF6h4zL9T1RsAxuzMVwFtwnxPyFGCf50yyuu1qVWIcq4TbhOAuGy5oPI24N28ivDuX=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.8kB
    12
    14

    HTTP Request

    GET https://lh4.googleusercontent.com/proxy/CPPS0AAnxF_uMt2epUr6edds8cCLhPNUnzinIRXqB-XpNkuGHJVq2sjF6h4zL9T1RsAxuzMVwFtwnxPyFGCf50yyuu1qVWIcq4TbhOAuGy5oPI24N28ivDuX=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh4.googleusercontent.com/proxy/DNIBVFdwMugjjp4YZlsiOFMYfHcnilHgQb4LLXlEf5FIVipNvJD10FRsTN0R_mjeFW1W8EbFLJvsx4SmqdDAM318th4v4h-P643cTyc5Sl4bOXzZWJhG5pyt=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.8kB
    12
    14

    HTTP Request

    GET https://lh4.googleusercontent.com/proxy/DNIBVFdwMugjjp4YZlsiOFMYfHcnilHgQb4LLXlEf5FIVipNvJD10FRsTN0R_mjeFW1W8EbFLJvsx4SmqdDAM318th4v4h-P643cTyc5Sl4bOXzZWJhG5pyt=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh4.googleusercontent.com/proxy/prt9qvwl9O4ClboHpkt4PEdt2pcsAQpiSNc_lRIRk1gEEzjUAlw3N2G6_Jc6wiQygzHMydFyT-4FakwKhL5m_Q3mHlI6GQV3_XgyhIhJPjboEbFM4dHtXtPZbyRg9V1to1cR-9FZD1fTqP8K9XFR8sav5PfbhxPO2HV3PwNVjO98Vd_h8nfKHLUhN6AHWcnb64oJ=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.4kB
    11.9kB
    12
    14

    HTTP Request

    GET https://lh4.googleusercontent.com/proxy/prt9qvwl9O4ClboHpkt4PEdt2pcsAQpiSNc_lRIRk1gEEzjUAlw3N2G6_Jc6wiQygzHMydFyT-4FakwKhL5m_Q3mHlI6GQV3_XgyhIhJPjboEbFM4dHtXtPZbyRg9V1to1cR-9FZD1fTqP8K9XFR8sav5PfbhxPO2HV3PwNVjO98Vd_h8nfKHLUhN6AHWcnb64oJ=w72-h72-p-k-no-nu

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh5.googleusercontent.com/proxy/bA_y_9rN6nlLqwzTpsPGZVRt4DY4D4cQZ0AjgHrQOMg38cuJaGChREpJIq8XJh39hQztYRkVLN0VPgFYNBLdXlABQl_rctjp1d6MWQ2ZJejjJE_bDIWv=s0-d
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.8kB
    12
    14

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/bA_y_9rN6nlLqwzTpsPGZVRt4DY4D4cQZ0AjgHrQOMg38cuJaGChREpJIq8XJh39hQztYRkVLN0VPgFYNBLdXlABQl_rctjp1d6MWQ2ZJejjJE_bDIWv=s0-d

    HTTP Response

    404
  • 172.217.16.225:443
    https://lh5.googleusercontent.com/proxy/Z_Unx2xTOOQ8OgMtgg3MajZC1APWcju_DOKMYvfCX436z59zIfRs2UOv9tLVtUzI1ENxs6FuF_YhWEMs8MUc0UMuXcMKkQ0rQvSDpD88TenJbG7FFno2wYuYmoRzwyNV4JG3kaR17LWR5lWXwdlm2AOw92bHuWGoqNpsTw=s0-d
    tls, http
    IEXPLORE.EXE
    1.5kB
    23.2kB
    16
    22

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/Z_Unx2xTOOQ8OgMtgg3MajZC1APWcju_DOKMYvfCX436z59zIfRs2UOv9tLVtUzI1ENxs6FuF_YhWEMs8MUc0UMuXcMKkQ0rQvSDpD88TenJbG7FFno2wYuYmoRzwyNV4JG3kaR17LWR5lWXwdlm2AOw92bHuWGoqNpsTw=s0-d

    HTTP Response

    200
  • 172.217.16.225:443
    https://lh5.googleusercontent.com/proxy/_g7N5ViRFcj27H0pDEVsuH18f2kXgTAf-6JrpQC4rnlTbTg52t0c38auqL3MmaPXNEV0uwuycIWeu8SB2q3MvQNIQfkrQGgZC0drQLTzY-FNLfIFpKTcCBi0EclyZAv184F8DnBa5M_-N1MjaoIGizmyEojEMb6AN3zwkU10VEvnFv4DjSzp_AX1gUSe-1DvNX7yUo6pNIILoKA_FeJ8KHBf3DKZvaG4tBz0=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.5kB
    16.6kB
    15
    18

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/_g7N5ViRFcj27H0pDEVsuH18f2kXgTAf-6JrpQC4rnlTbTg52t0c38auqL3MmaPXNEV0uwuycIWeu8SB2q3MvQNIQfkrQGgZC0drQLTzY-FNLfIFpKTcCBi0EclyZAv184F8DnBa5M_-N1MjaoIGizmyEojEMb6AN3zwkU10VEvnFv4DjSzp_AX1gUSe-1DvNX7yUo6pNIILoKA_FeJ8KHBf3DKZvaG4tBz0=w72-h72-p-k-no-nu

    HTTP Response

    200
  • 172.217.16.225:443
    https://lh5.googleusercontent.com/proxy/8Je5gHPAFW9PxIyRfEQ337DNWCv_7YHvgnFk1w8yJxEZ9uIWCdgNl3b4QQtdWcc3Qb8p6P7z1cbVQbrlgSSiCQYKitpExs819xhUd8tw1EmOYw=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.3kB
    14.7kB
    13
    17

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/8Je5gHPAFW9PxIyRfEQ337DNWCv_7YHvgnFk1w8yJxEZ9uIWCdgNl3b4QQtdWcc3Qb8p6P7z1cbVQbrlgSSiCQYKitpExs819xhUd8tw1EmOYw=w72-h72-p-k-no-nu

    HTTP Response

    200
  • 172.217.16.225:443
    https://lh5.googleusercontent.com/proxy/mMv7xUh3qfb3RWeaGqiWn8L_dpxYY-Bzd-oqhjEPlL4OyZ8CMWM79dFUTtR3wdste6hGZeQnFte-7uM5NfWHz4vwBszQvrtcDXPtjhpfdGNBewAB3o-zP8QzGUHC1fU7KQoRNrtiuO1EreNOLTW7Yxj3vRMfTF-fVIHKXYDuysMtNmLq_25tjwbBPpyRxXzOZUN3xzCxHWBUk2uaKJAy1_iz_7_7SwSuVcfbuOFE2cLJoxJ4f2KXrHsNGSVIlKsICq_BhD5ntB5ajcHTikZ-9WdeRqhk-EuD6yHCmI071IRQmzzAYdJWMAVrc3xZvotMMp9kd9u44aRCQKwfCmvgKfsTenkaSLxuDqIDf0QJOmvYQxwcaUNbIot-kxUrXw4w2kiG0lk-0d9_xz3-362BscphMCbD8qtSOYegV4Iq93Y_yaBY1b4Qd77m2Fxzm5U1Q3x4WeSqnHoTIOHMFUdyDZeIWtUzZdwxBStdg4Zj0uYrujUGq1-kzQ2ez6wKyA1kbLgg1sga-ovzSYBgmw4a8a1x55vXhG7kWqS2fucMR_74PZAU5EajqEaW4PIPhNFPfni-V5CwFR8vjIE_sNpYM8uu-oSU_hsp2mceQmALbLzE83KgZCFiJFDH8U1bRAqXeC6_Aup3JA0iXVo-YQMjRCP3bclvWFPS2bHZ8b8CCuCbwPrLOnxnQXsKw0Jch7FIUuPvS4gx7IaU8QdKTDWV0gSPMnDOcY-Dab8=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    2.0kB
    12.5kB
    13
    15

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/mMv7xUh3qfb3RWeaGqiWn8L_dpxYY-Bzd-oqhjEPlL4OyZ8CMWM79dFUTtR3wdste6hGZeQnFte-7uM5NfWHz4vwBszQvrtcDXPtjhpfdGNBewAB3o-zP8QzGUHC1fU7KQoRNrtiuO1EreNOLTW7Yxj3vRMfTF-fVIHKXYDuysMtNmLq_25tjwbBPpyRxXzOZUN3xzCxHWBUk2uaKJAy1_iz_7_7SwSuVcfbuOFE2cLJoxJ4f2KXrHsNGSVIlKsICq_BhD5ntB5ajcHTikZ-9WdeRqhk-EuD6yHCmI071IRQmzzAYdJWMAVrc3xZvotMMp9kd9u44aRCQKwfCmvgKfsTenkaSLxuDqIDf0QJOmvYQxwcaUNbIot-kxUrXw4w2kiG0lk-0d9_xz3-362BscphMCbD8qtSOYegV4Iq93Y_yaBY1b4Qd77m2Fxzm5U1Q3x4WeSqnHoTIOHMFUdyDZeIWtUzZdwxBStdg4Zj0uYrujUGq1-kzQ2ez6wKyA1kbLgg1sga-ovzSYBgmw4a8a1x55vXhG7kWqS2fucMR_74PZAU5EajqEaW4PIPhNFPfni-V5CwFR8vjIE_sNpYM8uu-oSU_hsp2mceQmALbLzE83KgZCFiJFDH8U1bRAqXeC6_Aup3JA0iXVo-YQMjRCP3bclvWFPS2bHZ8b8CCuCbwPrLOnxnQXsKw0Jch7FIUuPvS4gx7IaU8QdKTDWV0gSPMnDOcY-Dab8=w72-h72-p-k-no-nu

    HTTP Response

    404
  • 13.33.187.75:443
    https://media.go2speed.org/brand/files/lazada/301/IDNikonCanonDSLR468x60.gif
    tls, http
    IEXPLORE.EXE
    1.4kB
    17.7kB
    14
    19

    HTTP Request

    GET https://media.go2speed.org/brand/files/lazada/301/IDNikonCanonDSLR468x60.gif

    HTTP Response

    200
  • 172.217.16.225:443
    https://themes.googleusercontent.com/static/fonts/roboto/v10/2UX7WLTfW3W8TclTUvlFyQ.woff
    tls, http
    IEXPLORE.EXE
    1.5kB
    32.6kB
    19
    28

    HTTP Request

    GET https://themes.googleusercontent.com/static/fonts/roboto/v10/2UX7WLTfW3W8TclTUvlFyQ.woff

    HTTP Response

    200
  • 172.217.16.225:443
    https://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
    tls, http
    IEXPLORE.EXE
    2.3kB
    56.6kB
    29
    46

    HTTP Request

    GET https://themes.googleusercontent.com/static/fonts/roboto/v10/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff

    HTTP Response

    200

    HTTP Request

    GET https://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff

    HTTP Response

    200
  • 172.217.16.225:443
    https://themes.googleusercontent.com/static/fonts/roboto/v10/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
    tls, http
    IEXPLORE.EXE
    1.5kB
    31.2kB
    18
    27

    HTTP Request

    GET https://themes.googleusercontent.com/static/fonts/roboto/v10/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff

    HTTP Response

    200
  • 172.217.16.225:443
    https://themes.googleusercontent.com/static/fonts/roboto/v10/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
    tls, http
    IEXPLORE.EXE
    1.5kB
    33.9kB
    19
    29

    HTTP Request

    GET https://themes.googleusercontent.com/static/fonts/roboto/v10/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff

    HTTP Response

    200
  • 172.217.16.225:443
    https://themes.googleusercontent.com/static/fonts/roboto/v10/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff
    tls, http
    IEXPLORE.EXE
    1.5kB
    31.4kB
    18
    27

    HTTP Request

    GET https://themes.googleusercontent.com/static/fonts/roboto/v10/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff

    HTTP Response

    200
  • 45.56.79.23:80
    http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html
    http
    IEXPLORE.EXE
    607 B
    580 B
    5
    4

    HTTP Request

    GET http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html

    HTTP Response

    200
  • 45.56.79.23:80
    jqueryapi.info
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 142.250.200.1:443
    https://aneuknanggrou.blogspot.com/2014/05/biografi-ahok-basuki-tjahaja-purnama.html
    tls, http
    IEXPLORE.EXE
    1.9kB
    51.9kB
    28
    46

    HTTP Request

    GET https://aneuknanggrou.blogspot.com/2014/05/biografi-ahok-basuki-tjahaja-purnama.html

    HTTP Response

    404
  • 142.250.200.1:443
    https://aneuknanggrou.blogspot.com/feeds/posts/summary/-/Biografi%20Tokoh%20Dunia?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex
    tls, http
    IEXPLORE.EXE
    1.2kB
    10.5kB
    10
    12

    HTTP Request

    GET https://aneuknanggrou.blogspot.com/feeds/posts/summary/-/Biografi%20Tokoh%20Dunia?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex

    HTTP Response

    404
  • 104.20.18.71:80
    s10.histats.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 104.20.18.71:80
    http://s10.histats.com/js15.js
    http
    IEXPLORE.EXE
    575 B
    5.1kB
    7
    7

    HTTP Request

    GET http://s10.histats.com/js15.js

    HTTP Response

    200
  • 149.56.240.132:443
    https://s4.histats.com/stats/2738768.php?2738768&@f16&@g1&@h1&@i1&@j1717312365439&@k0&@l1&@mBiografi%20Benazir%20Bhutto%20-%20ANEUK%20NANGGROU&@n0&@o1000&@q0&@r0&@s423&@ten-US&@u1280&@b1:-164061990&@b3:1717312365&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html&@w
    tls, http
    IEXPLORE.EXE
    1.7kB
    3.8kB
    11
    8

    HTTP Request

    GET https://s4.histats.com/stats/2738768.php?2738768&@f16&@g1&@h1&@i1&@j1717312365439&@k0&@l1&@mBiografi%20Benazir%20Bhutto%20-%20ANEUK%20NANGGROU&@n0&@o1000&@q0&@r0&@s423&@ten-US&@u1280&@b1:-164061990&@b3:1717312365&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5C8d45f73fbc46582d77f2ab3a4fdb33f5_JaffaCakes118.html&@w

    HTTP Response

    200
  • 149.56.240.132:443
    s4.histats.com
    tls
    IEXPLORE.EXE
    931 B
    3.2kB
    9
    9
  • 142.250.200.1:443
    https://aneuknanggrou.blogspot.com/2014/05/biografi-benjamin-franklin.html
    tls, http
    IEXPLORE.EXE
    1.7kB
    45.3kB
    25
    40

    HTTP Request

    GET https://aneuknanggrou.blogspot.com/2014/05/biografi-benjamin-franklin.html

    HTTP Response

    404
  • 104.20.18.71:443
    https://s10.histats.com/counters/cc_423.js
    tls, http
    IEXPLORE.EXE
    1.3kB
    12.9kB
    15
    17

    HTTP Request

    GET https://s10.histats.com/counters/cc_423.js

    HTTP Response

    200
  • 23.63.101.152:80
    http://apps.identrust.com/roots/dstrootcax3.p7c
    http
    IEXPLORE.EXE
    421 B
    1.6kB
    6
    5

    HTTP Request

    GET http://apps.identrust.com/roots/dstrootcax3.p7c

    HTTP Response

    200
  • 23.55.97.11:80
    http://x2.c.lencr.org/
    http
    IEXPLORE.EXE
    396 B
    1.3kB
    6
    4

    HTTP Request

    GET http://x2.c.lencr.org/

    HTTP Response

    200
  • 149.56.240.132:443
    https://s4.histats.com/stats/e.php?2738768&@Ab&@R2592&@w
    tls, http
    IEXPLORE.EXE
    1.3kB
    3.8kB
    10
    9

    HTTP Request

    GET https://s4.histats.com/stats/e.php?2738768&@Ab&@R2592&@w

    HTTP Response

    200
  • 149.56.240.132:443
    s4.histats.com
    tls
    IEXPLORE.EXE
    963 B
    3.2kB
    9
    8
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.6kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.6kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
    7.6kB
    9
    12
  • 8.8.8.8:53
    www.blogger.com
    dns
    IEXPLORE.EXE
    61 B
    108 B
    1
    1

    DNS Request

    www.blogger.com

    DNS Response

    142.250.178.9

  • 8.8.8.8:53
    ajax.googleapis.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    ajax.googleapis.com

    DNS Response

    142.250.187.202

  • 8.8.8.8:53
    apis.google.com
    dns
    IEXPLORE.EXE
    61 B
    98 B
    1
    1

    DNS Request

    apis.google.com

    DNS Response

    142.250.200.14

  • 8.8.8.8:53
    media.go2speed.org
    dns
    IEXPLORE.EXE
    64 B
    128 B
    1
    1

    DNS Request

    media.go2speed.org

    DNS Response

    13.33.187.75
    13.33.187.7
    13.33.187.56
    13.33.187.40

  • 8.8.8.8:53
    lh3.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh3.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    resources.blogblog.com
    dns
    IEXPLORE.EXE
    68 B
    115 B
    1
    1

    DNS Request

    resources.blogblog.com

    DNS Response

    142.250.178.9

  • 8.8.8.8:53
    lh6.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh6.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    lh4.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh4.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    lh5.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh5.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    themes.googleusercontent.com
    dns
    IEXPLORE.EXE
    74 B
    119 B
    1
    1

    DNS Request

    themes.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    jqueryapi.info
    dns
    IEXPLORE.EXE
    60 B
    252 B
    1
    1

    DNS Request

    jqueryapi.info

    DNS Response

    45.56.79.23
    198.58.118.167
    45.33.23.183
    96.126.123.244
    45.79.19.196
    45.33.2.79
    173.255.194.134
    72.14.185.43
    45.33.18.44
    45.33.30.197
    72.14.178.174
    45.33.20.235

  • 8.8.8.8:53
    aneuknanggrou.blogspot.com
    dns
    IEXPLORE.EXE
    72 B
    131 B
    1
    1

    DNS Request

    aneuknanggrou.blogspot.com

    DNS Response

    142.250.200.1

  • 8.8.8.8:53
    s10.histats.com
    dns
    IEXPLORE.EXE
    61 B
    141 B
    1
    1

    DNS Request

    s10.histats.com

    DNS Response

    104.20.18.71
    104.20.19.71

  • 8.8.8.8:53
    s4.histats.com
    dns
    IEXPLORE.EXE
    60 B
    268 B
    1
    1

    DNS Request

    s4.histats.com

    DNS Response

    149.56.240.132
    149.56.240.131
    149.56.240.130
    149.56.240.129
    54.39.128.162
    149.56.240.127
    158.69.254.144
    149.56.240.27
    142.4.219.198
    149.56.240.128
    54.39.156.32
    149.56.240.31
    54.39.128.117

  • 8.8.8.8:53
    apps.identrust.com
    dns
    IEXPLORE.EXE
    64 B
    165 B
    1
    1

    DNS Request

    apps.identrust.com

    DNS Response

    23.63.101.152
    23.63.101.153

  • 8.8.8.8:53
    x2.c.lencr.org
    dns
    IEXPLORE.EXE
    60 B
    165 B
    1
    1

    DNS Request

    x2.c.lencr.org

    DNS Response

    23.55.97.11

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    2.21.17.194

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    2.21.17.194

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    692279c5553e7a91afc1ca91c069ab0b

    SHA1

    fc846f60a38c827cf36a93199aae2b31461062fb

    SHA256

    614599256797fc9aa08f02604b0e0c30bc7d9ba63d9a46142c66a3f3f1f05b8e

    SHA512

    a91058ac441204387a78e3249a69574a18dab38f81f3c9fa632607be5379f950ff1fdf9fb7c7a1ac4f4bcd296d5af67cd8f968b40349bdb401191c0a225a8502

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_645BC4A49DCDC40FE5917FA45C6D4517

    Filesize

    1KB

    MD5

    70950c7134dcc0763676b85099d8d1ca

    SHA1

    f4b53db07c7137bb2d31ac5aa6c7b506884f4df5

    SHA256

    5df8d40c46d748340297e38dda8fcc601f183a8443f0d343b4b55af07116d840

    SHA512

    03421c139d5055cbcb25b34f2cfaea5416c7b8164257b0735741bb4daeb9082cc550f182ee1554ad366dd7ee4910b53fb7c8ac72fd481b0e40bb392af0173ccb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

    Filesize

    2KB

    MD5

    937b7e1d66e1351f67adee906ddb580b

    SHA1

    db2d3d911ddd29b4a651c456670b4eec20700ca1

    SHA256

    39b344d1d63f82f44e247870811fb97569d1cac07273b4f326e7e2f878219501

    SHA512

    ca4c0d84457fb2808f8637c1486f3e5fbcddb56128dae830c13c9e09b3d9a0bd7b18caa7fe5650417391bc60fa53971826160bac0b89d00c008f1459f4f811e4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

    Filesize

    1KB

    MD5

    69dbd744ec831f2a7c969058cd6d2197

    SHA1

    12ecb062b868067ee4a7f895d869925791ea3767

    SHA256

    6025aa327a83970b16af452b5c4b027c2b9376934fa572472dd62acdeba873f3

    SHA512

    6818ee4f1599a06a1fc24dfef18f005b9b78cf88413eab94672b4daaa1ec039e4cf9b309766bc21fedc68579982b6b019fdb836eef987f470c231ae2a4aeeb36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_6B69C29B30EAF4FCF9E240B3D6A77FC9

    Filesize

    472B

    MD5

    5951f53315a62d4363c6ac0b74c9677c

    SHA1

    6f1c3aaf40573bf1b03a1745a06e03ef220260e7

    SHA256

    1ba41d81dac5267b2b15348aa2f1b64456226b8780a36084f8b756bb9cc5828e

    SHA512

    4564a10d054f5751af91e75206779fc12739fb910e6a601e6f1075aef197072fe796e2d54f47dd538f4c725885ae558e1ef643f570990b4523258e5213a1f9b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_827A2BD464611B5891D523F77B43FEB1

    Filesize

    472B

    MD5

    ebe9fff245c12f154e546da1ad738f90

    SHA1

    633d7e9d0afedd2e9c6a5c2503ed176191aa8ea9

    SHA256

    83ad8e030a9b9a79f55dba98cb05e2ddbd586e53432bfdb7e6960bd5fce53268

    SHA512

    0859f186aeb61119dfd40633e9110157e3a125a01cefbb4e326615fe6d9fd1abbb1e42cf3d98865920d5bf9c6e92fe4c056a8249492581334f7c63446b5e8179

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    bea781901e41611497b21503c9bc5003

    SHA1

    371e26d8d89407ac41cac8028dd4fde1602f9507

    SHA256

    373eb1c90917f04ff08c8b2990ea255cfc8825be51678f1ec3c0ac73b017574e

    SHA512

    6f1d58972135cc9e4e809c5752925db0b376311d3c6b3a370f1a6436f7b109c7cd064e431ca3f1fe31ebf45cc178e825d71677f55d5712a0e5fc43cc4389a85e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    9dee1973ed2aad7174d2ca2a34707060

    SHA1

    c55d26ca326bef5fcb7af1aa40771313ae1b0396

    SHA256

    7f46ef09b7dc48132dfac757a86c25d0b666e3a17592d07a962b7878c41ae8e3

    SHA512

    5be9ae70e70eff69f9172929f05f9405d5437db0c46aba465296dd5c8d3b9663ad9f1c86be1f8f65b1367e6d96618f51c45123c42151de8fbc4a6aa7aa20114f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    879ed2960a8c497494acf37218988688

    SHA1

    4302868d4f0a7a57f0a123df1b56265459d92f9f

    SHA256

    17e36f339c161e397fc49679a745f36dd3744eaa9dc1f3279d5005ccbe76eb81

    SHA512

    1f1a814005fcc41b793f2521652fb9cafb2d166b971bf75937f9948403527af83cf5eaf4ebae7f107b885b250d9205a911e7fc22f83a149068477a2597548c60

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    d5b0d4aa5590050e0a31116f3bf7011b

    SHA1

    342503ce20fcb2dedab9dccc09dd620f20eb513f

    SHA256

    092af72a98e3c3d09f66d3c7087e4a60f01dca9e4bcd4683a27ce83c1f1a5a30

    SHA512

    4654a2d0cee712b058eb27300a26e2dbb1909e90c643ed9a0e250b90ff6f65c94591a93f3bbf302095d20d4598465ca3052d1327d9e34b74d87bc907fb177757

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    8c0638e1908e186b9fa5fcff5fb1bd35

    SHA1

    fe96d953adc17f7c86f9b7b8f36abd679767859d

    SHA256

    5f758befd4849deb773e1cc5ae03c038522247540a359e22f67533eefa613d92

    SHA512

    42180ad37c1e6d5da0dd684a8d6266090b695bf50b224c14835ece834bbfae0167c626235bff26d34955a568e9a6f5c3b78e6ed885449b1842c93bf30f9b9332

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\75CA58072B9926F763A91F0CC2798706_645BC4A49DCDC40FE5917FA45C6D4517

    Filesize

    434B

    MD5

    77405eaa96d1bd73e9cff0229917611b

    SHA1

    7f39f942201f652137725ea9f959d04ce8b4b65a

    SHA256

    4982bd3dfb9569d1bdae71d0aa0c81657f791b5ca3574eeca7ee3734e189e003

    SHA512

    75cc8947905c2c52011a396ebb76f403087e99076ac69916fb292d11737db451cc7bf6dca9400042e7b11167a46d9bfb59add0c549fd71953f726ecc0794efed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e0eb31d0d0aae09d67f2d8652211c63c

    SHA1

    9f275a6445bd6c81c10a54a9dbf8df7e8d8e15d4

    SHA256

    79bacb74f2bb6d63b584beab9964e7240f80889eabf7311a10fa25cc5a174688

    SHA512

    e166a9ccafd6b08ee1ade0d7bcaf7bec30b0cdeeee9e05e8ff28d3184f9454b0e337b62f12911debb2668db7f10802f44fdc18511710f4062889de45b0f23768

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    868f06c9ef059969a162d304728d9928

    SHA1

    e1d8ab517e3739838b128d38f4738b3ec52eed58

    SHA256

    6bb47fd7933100e4d5290b942ff7f1ed82e33875e26093c5e72646daaf9a636d

    SHA512

    ef2a7a40daf36cfdd0eed45d93d3b6228993ebfa15db7584c86837ce581eadd9d3a5ef68966638c2aaa8cd750f54ee8184742e4a31ab8019ed7da33ec501a678

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9123a7914993d407e539cee3f0a83591

    SHA1

    e8996d6f71e9fdc0ccf69ec7d40b09498c97ab04

    SHA256

    c9a97ddddae41abf73af654ffbcdbc3040d6ef4b7feab6a50c5602424b4f1946

    SHA512

    443645d2f07192b675b7253b4c9cf25cd77d0a5d1b45ab90e1809c655b0df0a3ee0c44df7f38203b7d5833c514b25107b2fdc55e5f8170eb754ee491b4983344

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a7694447277563f71f6c4f8dbd2edab

    SHA1

    26c94ad675f8aa125283726f3eba8d5b7c918f72

    SHA256

    39eb2513d5f19ad9788c1b27209f5eacddcde0d73cd67acbf48b7e32e75205a0

    SHA512

    20d4079c9b15413ceeca62fc034bb38a9ada8977d663750154ff9629f0329a268ff15d13dfa324553a9c38bae74827faf5b066907ca747b02b67a0eb0cebb79f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6a02c8f6ce30c1c265318ced5c807d4d

    SHA1

    3704485c16683cff0691bbf42adf8b3be77a84db

    SHA256

    c3fd7bbb82cee482b91048e8bcfb1c2710833da138b37a3892d2be3aa1cbc201

    SHA512

    8c485fb6efbbf062a0457281d00b6d532303197b66433c49fda49ed1e8fb0229400ac29503dc8be00e07ae02a06010ec640c64f76f6ea3a754da5870efa4ad25

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e6158dda00c10ed5338e10f9e5bb7c42

    SHA1

    572db46ad4d6e270b95fdd704d98534ba74cd7da

    SHA256

    0bd046f33ec10bfd8a63f4012efc25515afd378d41fbb14fc1f60571e2836918

    SHA512

    97c8d33b8d3dfaecf601557f33f2bae19e8020828821c3f99edcde21fb40ee7410139fc80ec23957bba8725ddcbcea5dd0dfa0471cf7152c0d90af09b63fcca0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3916f76dc9133101baba96429a6a3db3

    SHA1

    3e381798b72d9d45cd83d0d3b3943cd787111f2d

    SHA256

    9fead565a6fd85c4b2d00a251047915f86a74a5273b02d6f449026119c3b1b67

    SHA512

    6981d66a661fa442e9d95f77d34eed782305106ed8cb38afe4b4788b793b77c0b8ba932230f9ffd8ea530016db34c203b0ccfae7459deb119a76414a81aa0acb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7e0a8001550d67310502a6a655f8809e

    SHA1

    4fd9dc7e4aede4bf8a5c1d7f2d75bc105797f133

    SHA256

    c3615b8fb07a5da08d34ab685b303c1ae30b50bc9fb2090f4a04269b6c532a51

    SHA512

    6e8f15c24d3ac889962da3844732650ad5e042f8b5ab65aade711f61ae5075fd424a54508bc5f371777b29636ce8eb9b4dd4d7e0318cf81582c1facef90dc4ce

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b06b0c998f2b1c5865432710ead8858

    SHA1

    236ebb9eaf946334d32044f3578ec873654d61c5

    SHA256

    10cf20e0c126928e33f1e815ee196d5e2216178185fe5b7f098d9502ba8bdcb6

    SHA512

    aab5fc51bd3b3db39455ca4c11470bf49f70232e3c460556b0cb8e5a9b9a62104e1a5ceed7358beb39f4a30051f772fc34c856b1d150b109953c665210e1e440

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ce4738eec8cbd51dcef38ed6ceabda45

    SHA1

    7b415c1dadc20673d525d35230ef9cc8f659da0a

    SHA256

    46b6b60b0fdbacbe8ab5c15909e0a901a2bc0dfb4318310db7eb32b983a13544

    SHA512

    11815d9403321c94d01c1177d67c727af1863e33e442bbcb6543dbfd32f8d0cf6527039d47c1fc926b9b1a2bf9b827040183f0feec013f27f6a31abad20521eb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    61d659df978a722626743665d0261e42

    SHA1

    2e6778b6a44a4149ba56d7eb809723f99f292b51

    SHA256

    c8bec305e9956a134a764f1473520980625612768963cf17df9624e663fc86ca

    SHA512

    d4c3928575c010787ca344186e3e2c50481bdb18581948b34d1d42a3fdb62bd17c19c8d8708657856593ce4ee779f8ef5ddcb82402d72732be93f72ec04134f0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5c0f7a73823b22140438badd6a6f4a4

    SHA1

    8c45dbb331ba4e56be4540bcf10b7d919fd7dd70

    SHA256

    8e1d2330ab3090b75b1fd6a30f490c7735691e4378a9ca590ad7359ca63a6685

    SHA512

    2e7b2cc55abeab931a1b883d6fe5e93cad8ccb80f2f23a3629305bb875e3ca1715c43979e896c457841d2e5b47ce90c2469b61be1974ba153b128ca22bf7f8b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e9632e108e949ad498c8da86725b182b

    SHA1

    c3b82859ed69e09526f1c9f5044efc50f95beb44

    SHA256

    80ada1612300822bfdd6981042367175ec6dd351328ee6ae86a31a3b2fc17664

    SHA512

    5072643404ed9ac8b4e7c23e3436f0acf195fea3de959276a4f2f7b42fb6505aba2839c139d8c0acf1a382a9b0483a21c4d96dffe1e5208cc0fe4ab91bcd050c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c917f8815ee15cabe46bd0667ef2a22

    SHA1

    f9e12b88692bbdf63d8f726b3160e52b6398e3ce

    SHA256

    c6a2815a4e1333179187ca791a89ff5ee09fcecc28cb8f6fc5c3bfcf706b19df

    SHA512

    89eab5289fe72c57df3405044e20de337930f3152659f65bb2f31b4d846038458461ddf8826c53de6a760c4021aaab7709af5355c517b87d6ac9796776575643

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1cdb907f06bcbdb03fa1fbb1841ae6d5

    SHA1

    9bc45199fcbb85f867b7f0390f15e2e447ee82da

    SHA256

    1938070f1354d0410becb1004db63a86acd0f3042ba32e378cdc38cc9713df0f

    SHA512

    42b835f0b1ed98084586bb45ce689d9f74b52b14a83dd4ddca1fc7c3985d8a1bf9c2fdb6edb82bf1d3525786e4d00ddc20220910e8c147a5da46a50061cef295

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    6faa081a5f01e312a7a20efe2846172b

    SHA1

    202c4acd038086cf9cd4f7436c729c6a52b3ef77

    SHA256

    65171bd1a70c0ca8a45934198867d4e8a95818314c586fd989c3fe29036c0b5a

    SHA512

    c34d836ea825733d8e551b9cf64ec9ae376ce7459bcb3d036720b394616cb5e4bcaf23c534da25a945d4f3f3c2a4193877d18b0c97a61952e86c05dbdd6e5c66

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d2de289f775f75cad1f76994e82f6ff5

    SHA1

    19bfa9250e446731aab9cd067e1f8cbd591debfd

    SHA256

    0c85415cd107957bc3c3c56eebce7961e34c5e3ceae2f2286fe16b2fc0ef581c

    SHA512

    e9dafed1cd4ae6f8ac3eef375fd2f124ab9521e10ac1546116eabc78fcc015cb55e30be8ae1c86fed73765e4168f4818d250df14de3179681943471d5714b76f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9fd1249bc6fa44764d44d7a1e4d141af

    SHA1

    f48eed0df990fc2cdb04e8291d160dfb242b09a9

    SHA256

    47bb8ec1864d7b050218447ad68ac69708e194278b90e2b3e5fb969b90c8a2ec

    SHA512

    94416e4ad6d4d41c944f3974f7e7f9492424537a75e80ce942cd01bfb5f5a38c916124d7aa0539894513d6c9915e60ab00e90bb9bc8c9aa94b8ca40ab6d9f534

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    749e2e30cfe89bb5121a395aeaa3fc31

    SHA1

    63403cd49478625e2ff6a2836c254c4beba9666a

    SHA256

    26a7027c1d8cc7aaba7b0531724926d50753fcb5b9fb69274d811d1e2493d483

    SHA512

    4fe19ffa6005ec3ba38b657912347179301bd2b3c803ee8da061922aa13077cde6c469d3e370bb989660553e8fa4ec1a5fe2dee4b7c859ad7e21134aaeeacd02

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e191eecaaa8561f7186c44b8cf803d72

    SHA1

    0298620bb168e171d9f7c91173246a3f72d7dfa5

    SHA256

    c4f75d8c68f301d4a273fc5a3c53a68c3c653f1432a01b540a50123c32f89053

    SHA512

    327552307f28032142bdd262703bcf7f11538724b87363d697e6caa49e2aad3c92a2591a90c11044b0cf40a0be407677fd0fee2511cd1a99aa07f0e98de07ce6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2765efa90a394a213a3e389055908f9e

    SHA1

    cec0eebfe9a2b4dc264f8cb7ab06cab4cb196e50

    SHA256

    c9a4fdd600b64b6b1536c0c90c739429a005b67eb75f66d5c4c24693ecfeac9a

    SHA512

    3ffa520169a136b54398f1a7cad4a2b246157ffdea059ee9d5474cfc7421dd58bf3b57bf7c521bcb3c70c959da650230efdd47a2ae94f3b3bd9ceb350b281e62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8fd3e9b1fe819530cf979197cfaa1ace

    SHA1

    962f8cf35353ce8eea30b67260dcb013e82c846f

    SHA256

    11928054ff83b3823f608c4ac55193658cc16b2c7158013ec70b8e081a1efc42

    SHA512

    2d8807692170116722028eeafd3884f33314f8b8b424e881ce3015e27780fdbb05342132baebb100ecb48bfb182666e7887d674ef2194876e2661197d7fe0f08

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4e450411b45f71f8c509747564ae49ac

    SHA1

    9f79b71be5b209d3fb1a2b81d24af379850b3be2

    SHA256

    196c8d3f7452bb757ed799ed5d4c73a5dc2301b789e5e640ca07eaaf216b3187

    SHA512

    c04c6e92946d6516198f492250511d6773a5baf341a5349745344802f26483adbc35b9820a58b9860dc7aac6a2d9ff73cfbe0d397a7e371fa78f8c075e841a78

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0254242fa43561215a3e0603b4c67918

    SHA1

    9fa334fe31b349400fdd4c4a19bdc8640ab58602

    SHA256

    ef73eaf717ad58e4eb8fb01e20e0984869828e4c88e95651f4a5d0b67acdee4b

    SHA512

    df18cb205ee55d31726fd78ab0f082c32fba97a96e3174b86f7812e81effe270d206087c038535b42c623e9984b7241f97e2779b866c906d2fee93a5bdcf2bd8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    47ac4da7371ea3e3cc3a88b36b52d4db

    SHA1

    dda271908cf2f17f6e83e1698b693c1109163cdc

    SHA256

    e6f8ebf061503d0567882e3da3d08ff3dbdb5dcf334653071282233c19bfcb62

    SHA512

    2b6ac3c4427dd7939659dd74531df7164529bd1eea20433f64c9713f855385ccbecea98c5e64aff13f6c6aec4d2a5a091c797465978812ea35b8a6e5135afb2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e887cf929f4445ddeff87b19e84bcd7b

    SHA1

    490dc300380ab02fb10de8672483afd949f0ac7b

    SHA256

    9d663af7a3f542e216d96d7617cf9ebfc8db06aba2aabc4d6e7c9d378422bd2d

    SHA512

    94ed7f20fc3203ba3eedd793078a935a3e8803114bb568f4cddce3af8a9d534e1841859e093ea9ef69aa2fae5dcfd7124d1efb834593b43361a2f1d662c38a53

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    867bfc6c9326ece9c48d3f825ea63ce5

    SHA1

    83a1235bb36365fdc6ea71c3381fe5bccbdb1840

    SHA256

    e6d46111169e01095022032fde640de622429953d925c6b237f0dcfd9ec9693e

    SHA512

    bda7fc24af5651e6ec3663780292a95a491dab59c0663b088985774c5ac96116f1df2997b84d9b54dea49010a10025c352a818c83de2575bf1ef7b131523e5f6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9af60becde88157b1edf223b9a669a89

    SHA1

    85958f6c4a52326c27337407663cb6ca478e3f15

    SHA256

    f854ea344c5c7d124d03d2dd53152f8f1e7799c3318aaa08dd6b88997d64b8c2

    SHA512

    8cbffb30ff097a5bcc2fda2a59fc7739b1b230fd5e0be235babaf5bfceec1a8ba788382336bcb8419139f169bf24d9b5e337476fcefd04e664c56f5263b7a603

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    aeb27f65945a9c7e3afd977ebf0741bb

    SHA1

    75acafdc41685496e698ed7e7d62f96e745dffef

    SHA256

    b88342c73c5c0580dc8f8b2efce15e5bad39194bf4629d11dd955a9399962497

    SHA512

    ed1c7106234c319ef4378c5a42b6bfa7be4eaeedd2fc0c2cf340a2addb99701c21de32c2f73a63d1005828006c8530ed224880af2d430a86576e3866959f3487

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B66240B0F6C84BD4857ABA60CF5CE4A0_5043E0F5DF723415C9EECC201C838A62

    Filesize

    458B

    MD5

    015041c9f6fc08f42f948def603c829b

    SHA1

    39b5df94fd73cfbb08e38798c81b0470782128ff

    SHA256

    4710864dc04029ee594c05ee749817ac777fb4035b8df3d2c3464370d1dc13fb

    SHA512

    1554362d28b14af04e2911337b15571f784b09af2235402509d72d20c884444f06d7e590d8c7b4e7e979227eeb1f363bafcde281758a20c987a7dc01dc2359a1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    b1507f86d7f02a7ce62e1b44eab1125b

    SHA1

    39856ae36b5e02a835cfe1315f5f7bb458323409

    SHA256

    b8765e598100bc6b1a0edfba621412b514586343777a6346b018eaa9b3949273

    SHA512

    c30e6a887b0e5a05b9070254c2f46fb4d441ad5b96e6fc43d08a8ec6240ab722a9ddf38b7333887d9c5c5a8b9ef86d1fdfd5f8e7a696fa506451138777b11471

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    8d8dd31920a10934691cdabbdf50b120

    SHA1

    4019b52530037133236369d5468b84f7a146aed2

    SHA256

    eaf4f68fac5c606d58fc78119ba1bfb021df32e6aec50f4cbd795f93a556abea

    SHA512

    6bc9f5a5ed35a4abd910bea5055c1d788a10c06e040a27b328fa1a2647e00e64d286dbecca7408554b15f89c0539379b893f66d66ea069279b54237829cca59a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    74ddb5a075ddb6764812b8258cf842d8

    SHA1

    6302b94a0385cf09d1c01a1e203016de5ae3772f

    SHA256

    57a1a1206bf811c9b56e3481011242f90de5ff37f1e8a7bd2f1d74af0118addc

    SHA512

    aa60dbf84dc6466cb3eb4eca3fb7dc99bad45ac614224bea87d88c0116d13242485dcdcc6c7c63b42a0a90c83e95cc97555bfbd9263c998366ef38624ba0301e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    392B

    MD5

    30b294f3267e74fe98695b86b65558e8

    SHA1

    b95a063538fd1d9d775a810d68e0f770cdf795c7

    SHA256

    eb8982f84136dfb5a7786eaa57d165b6cca3c1040cd9aa3fdf350e2f84a4213a

    SHA512

    9d19fb2348c53d3b1511b19154a0a05fcf97e9649f366689bafec230fd2cc3d58e365ee11bd61a39a95f80c8410ebf7adef6d5b7678b5b0e51a75d4a16bfba28

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_6B69C29B30EAF4FCF9E240B3D6A77FC9

    Filesize

    402B

    MD5

    72bd3a2d9c8b004eba0b7e264e7c5a17

    SHA1

    3bdabe2a0331770b5a4a966a1bcba81fbb34fe2e

    SHA256

    09255737f923b33600126fa55dab2e49ef54e7ef1c0ca24b700b566de79a33a4

    SHA512

    da65671f1afbea6da892d3b4563a1a52989247ec2496029182d3bc20aa34b38ead22fc8d395b60f0a8f48ca881fff25f5d531c27a42728a63ab97ccb337c9882

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_6B69C29B30EAF4FCF9E240B3D6A77FC9

    Filesize

    402B

    MD5

    e494b7a6dff87ba4d80d2875f9bcb796

    SHA1

    7efad7d786a19d6099b28f5e035f9cb4fbf4ecfe

    SHA256

    5583043741d859e32a9688f9e6396eccc72670f9d7e4a739c4d284f62d4eb7a4

    SHA512

    9b1736d25963dee16c61a6e5231f98cb662e11fe1f2814632b989b7c7583a09b795ec77816fe50e903a51652805634827f1b99888eef037e4d5ed7e16523d237

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_6B69C29B30EAF4FCF9E240B3D6A77FC9

    Filesize

    402B

    MD5

    33ff956817866413ec8c47d22c500630

    SHA1

    b3f8e6abe826bb262df609b8b568fb018c5e7729

    SHA256

    853ae0d9ba8e8ce6ff829f8e770df990fbf06ca5bc4a7ff1cb00c746a4a5bf4b

    SHA512

    77b30a38302e07ef3e015fb2ad9d46eb7b8e9f208f5bb36a6270c6891cce9bad43db52077f61d600708ec01f681c9cd4cbb2ddc84749ad0295f85cb893bfa712

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_827A2BD464611B5891D523F77B43FEB1

    Filesize

    406B

    MD5

    8ad4ae5e92438fb4c8785f4cdf6c9c1b

    SHA1

    6170278599ce1663656ac728e367cb4290af1a91

    SHA256

    358b841e66188f45664ea5225d73babd2f6d2ad7fb5de9faec07134cf81a1006

    SHA512

    ac3d4bd005ba2c188089eb572c9e6cab302c745aa25d9ddbb5f5c75a70293e54d30200e80cb532627f25425957ae41f1f34a673a5b820e46b0992b1ada76e8e0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    9dcc69fc988187fa29c596780352fc85

    SHA1

    e0cc119600fa3bc7cc63932e11edafbfb009c88e

    SHA256

    1278f64b7d032d58dd42b90ee71179a2e344f2df3d6bd8c83230343338ef3c1a

    SHA512

    d62c93accb158a5f8e9dc93d98a06e8284128c4029260d79324eb06c1c288edf648039f32be26b6f694c78d13f067ce63e3939dc86d417b75e396d97b116b388

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\platform_gapi.iframes.style.common[1].js

    Filesize

    54KB

    MD5

    682c26af19b240f98d2cb951721fa54d

    SHA1

    18e58b652c7f82a55ab4b1910693686049e25d62

    SHA256

    96428f0f585a874c185d560538ad83ebfad0365d760fcf9fcefe80add9e3c980

    SHA512

    078aeef086271b7f9cf0f6e3a1e7908d7e38465a1a7a4de6f2a785147e9130551a2995e80600824da9341d58e5425d4505518e90eea9ffe1c64f4f41825a9660

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5OCCPTL4\6KFK71UH.js

    Filesize

    157B

    MD5

    67e216a27dda24bdcb086c2385b0cb99

    SHA1

    17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

    SHA256

    9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

    SHA512

    802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\cb=gapi[1].js

    Filesize

    134KB

    MD5

    f9255a0dec7524a9a3e867a9f878a68b

    SHA1

    813943e6af4a8592f48aeb0d2ab88ead8d3b8c8b

    SHA256

    d9acfd91940f52506ac7caeffea927d5d1ce0b483471fa771a3d4d78d59fda0d

    SHA512

    d013be6bfc6bcf6da8e08ed6ff4963f6c60389baa3a33d15db97d081d3239635f48111db65e580937eb1ea9dc3b7fc6b4aecb012daeee3bf99cfebf84748177e

  • C:\Users\Admin\AppData\Local\Temp\Cab12F6.tmp

    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

  • C:\Users\Admin\AppData\Local\Temp\Tar12F9.tmp

    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

  • C:\Users\Admin\AppData\Local\Temp\Tar1441.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.