771d86c3b634c19e2e56152c13775d63d3d47fff0d241f6801fa275b7db75705

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/06/2024, 21:59 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9c128c23c41a4d846532f697a5c2e040_JaffaCakes118.html
Size

103KB
MD5

9c128c23c41a4d846532f697a5c2e040
SHA1

01ce33077a950c234283bf1771564852869e442d
SHA256

771d86c3b634c19e2e56152c13775d63d3d47fff0d241f6801fa275b7db75705
SHA512

d63361ccb12a8792efa62677d4ccf5aac501807fd5976db328b0ef3a14a9a37767c823cb9e38698a60feed84abb220a60444fee7f1dcdef2a3f4d394e9ca8007
SSDEEP

3072:YjY2sYJ6rHfgaToXdYKlG+XrRmMHjDFt+MI72XdUS:Y4oaTo44n

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{B716B901-2774-11EF-83FC-5267BFD3BAD1} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006872b668afb8f7489107168dc69bc0b400000000020000000000106600000001000020000000eb30b7ab3e26f6b6abdf6687951446b77fc77343667a99fe1d775e047dadb4c4000000000e8000000002000020000000ce40fa65021f1958db28f8244ec509f0f74f89f0e630d0f75fe9d67d88f5432120000000087c079aaa793197c6a16f56f8b9ab9664619328b31ba34c66de22916cfa428e4000000061d1efef2652f4933413d43d4f8e5accfb2be1f787d680821626ba9456b7a278974152d35a7648e2d042d8b346f8b66b8784f4b6e7399d7862ca98c8c46bd97a	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 808c278f81bbda01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "424218638"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000006872b668afb8f7489107168dc69bc0b400000000020000000000106600000001000020000000021d733efd731aa7a74620a7c84499c47979013487f3932c4c87f04068e41bca000000000e80000000020000200000008c1dbed41fecefc9a206fda4f6cb31ab9ab3bdc6582e0fc246cd4305cfa3b71190000000073d72b81d1c94c7f5bc338ca1cded370dcbd59a37c070972970618a07086d2d95f43f1fb3261fb7a8af675908d0cf8650ed4c6e1804160a57e3594902db5d15684c0312936426c0fe7596c3efe81fdbe768a125ee092af7bc72fdde03aa6d498dffdbdfc19e59fd8d3e705ab99226b70fc89688a159786a4e60209c57aed99faebe89ed5336b21b05acf3e231705876400000006ec147a44a75c2ea46a0782cd56e9613304fa5bd36cadce9e070fc9d3e84386c5744ea6118e945d7f7b81e161db4d06eda3436764660112186fa8045f36d31b6	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-3452737119-3959686427-228443150-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2696	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2696	iexplore.exe
2696	iexplore.exe
2228	IEXPLORE.EXE
2228	IEXPLORE.EXE
2228	IEXPLORE.EXE
2228	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2696 wrote to memory of 2228	2696	iexplore.exe	28
PID 2696 wrote to memory of 2228	2696	iexplore.exe	28
PID 2696 wrote to memory of 2228	2696	iexplore.exe	28
PID 2696 wrote to memory of 2228	2696	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\9c128c23c41a4d846532f697a5c2e040_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2696
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2696 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2228

Network

DNS

yourjavascript.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

yourjavascript.com

IN A

Response

yourjavascript.com

IN A

13.248.169.48

yourjavascript.com

IN A

76.223.54.146
DNS

static.graddit.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

static.graddit.com

IN A

Response

static.graddit.com

IN A

165.227.71.229
DNS

www.blogger.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.178.9
DNS

code.jquery.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

code.jquery.com

IN A

Response

code.jquery.com

IN A

151.101.2.137

code.jquery.com

IN A

151.101.194.137

code.jquery.com

IN A

151.101.130.137

code.jquery.com

IN A

151.101.66.137
DNS

1.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

1.bp.blogspot.com

IN A

Response

1.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

4.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

4.bp.blogspot.com

IN A

Response

4.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

resources.blogblog.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

resources.blogblog.com

IN A

Response

resources.blogblog.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.178.9
DNS

assets.pinterest.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

assets.pinterest.com

IN A

Response

assets.pinterest.com

IN CNAME

s.pinimg.com

s.pinimg.com

IN CNAME

s-pinimg-com.gslb.pinterest.com

s-pinimg-com.gslb.pinterest.com

IN CNAME

2-01-37d2-0020.cdx.cedexis.net

2-01-37d2-0020.cdx.cedexis.net

IN CNAME

dualstack.pinterest.map.fastly.net

dualstack.pinterest.map.fastly.net

IN A

151.101.188.84
DNS

3.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

lh4.ggpht.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

lh4.ggpht.com

IN A

Response

lh4.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

2.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

2.bp.blogspot.com

IN A

Response

2.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

ajax.googleapis.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.234
GET

http://yourjavascript.com/24211643151/jquery.easing.js

IEXPLORE.EXE

Remote address:

13.248.169.48:80

Request

GET /24211643151/jquery.easing.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yourjavascript.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: openresty
Date: Mon, 10 Jun 2024 21:59:33 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://yourjavascript.com/24211643151/jquery.easing.js

IEXPLORE.EXE

Remote address:

13.248.169.48:80

Request

GET /24211643151/jquery.easing.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yourjavascript.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: openresty
Date: Mon, 10 Jun 2024 22:00:14 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://yourjavascript.com/24211643151/jquery.easing.js

IEXPLORE.EXE

Remote address:

13.248.169.48:80

Request

GET /24211643151/jquery.easing.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yourjavascript.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: openresty
Date: Mon, 10 Jun 2024 22:00:55 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://yourjavascript.com/24211643151/jquery.easing.js

IEXPLORE.EXE

Remote address:

13.248.169.48:80

Request

GET /24211643151/jquery.easing.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yourjavascript.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: openresty
Date: Mon, 10 Jun 2024 22:01:34 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://static.graddit.com/css/graddit.css

IEXPLORE.EXE

Remote address:

165.227.71.229:80

Request

GET /css/graddit.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.graddit.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 10 Jun 2024 21:59:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET

http://static.graddit.com/css/graddit.css

IEXPLORE.EXE

Remote address:

165.227.71.229:80

Request

GET /css/graddit.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.graddit.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 10 Jun 2024 22:00:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET

http://static.graddit.com/css/graddit.css

IEXPLORE.EXE

Remote address:

165.227.71.229:80

Request

GET /css/graddit.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.graddit.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 10 Jun 2024 22:00:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET

http://static.graddit.com/css/graddit.css

IEXPLORE.EXE

Remote address:

165.227.71.229:80

Request

GET /css/graddit.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: static.graddit.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 10 Jun 2024 22:01:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET

https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/457480341-comment_from_post_iframe.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 4492
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 13:08:26 GMT
Expires: Tue, 10 Jun 2025 13:08:26 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 18 Apr 2019 19:13:51 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 31868
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/482958267-cmt__en_gb.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 34775
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 13:07:05 GMT
Expires: Tue, 10 Jun 2025 13:07:05 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 05 Jun 2024 14:56:13 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 31951
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=iUFT4H_aD2n83E2qiJAm0eQnr0kH-RmNQ6xxrNG4yf8

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=iUFT4H_aD2n83E2qiJAm0eQnr0kH-RmNQ6xxrNG4yf8 HTTP/1.1
Accept: */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1#%7B%22color%22%3A%22rgb(170%2C%20170%2C%20170)%22%2C%22backgroundColor%22%3A%22rgba(0%2C%200%2C%200%2C%200.2)%22%2C%22unvisitedLinkColor%22%3A%22rgb(255%2C%2047%2C%2025)%22%2C%22fontFamily%22%3A%22Arial%22%7D
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 21:59:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Fri, 12 Jun 2020 07:20:00 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 11:23:21 GMT
Expires: Tue, 10 Jun 2025 11:23:21 GMT
Last-Modified: Fri, 12 Jun 2020 07:20:00 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 38213
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/482958267-cmt__en_gb.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Wed, 05 Jun 2024 14:56:13 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 13:07:05 GMT
Expires: Tue, 10 Jun 2025 13:07:05 GMT
Last-Modified: Wed, 05 Jun 2024 14:56:13 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 31990
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA HTTP/1.1
Accept: */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1#%7B%22color%22%3A%22rgb(170%2C%20170%2C%20170)%22%2C%22backgroundColor%22%3A%22rgba(0%2C%200%2C%200%2C%200.2)%22%2C%22unvisitedLinkColor%22%3A%22rgb(255%2C%2047%2C%2025)%22%2C%22fontFamily%22%3A%22Arial%22%7D
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Fri, 12 Jun 2020 07:20:00 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 11:23:21 GMT
Expires: Tue, 10 Jun 2025 11:23:21 GMT
Last-Modified: Fri, 12 Jun 2020 07:20:00 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 38254
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/482958267-cmt__en_gb.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Wed, 05 Jun 2024 14:56:13 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 13:07:05 GMT
Expires: Tue, 10 Jun 2025 13:07:05 GMT
Last-Modified: Wed, 05 Jun 2024 14:56:13 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 32030
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:01:34 GMT
Last-Modified: Mon, 10 Jun 2024 22:01:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 10 Jun 2024 22:01:35 GMT
Expires: Mon, 10 Jun 2024 22:01:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.blogger.com
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:01:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6822
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 11:23:21 GMT
Expires: Tue, 10 Jun 2025 11:23:21 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 12 Jun 2020 07:20:00 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 38173
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 3701
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 11:30:59 GMT
Expires: Tue, 10 Jun 2025 11:30:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 10 Jun 2024 10:58:48 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 37717
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:15 GMT
Last-Modified: Mon, 10 Jun 2024 22:00:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 10 Jun 2024 22:00:15 GMT
Expires: Mon, 10 Jun 2024 22:00:15 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.blogger.com
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/457480341-comment_from_post_iframe.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Thu, 18 Apr 2019 19:13:51 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 13:08:26 GMT
Expires: Tue, 10 Jun 2025 13:08:26 GMT
Last-Modified: Thu, 18 Apr 2019 19:13:51 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 31949
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Mon, 10 Jun 2024 10:58:48 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 11:30:59 GMT
Expires: Tue, 10 Jun 2025 11:30:59 GMT
Last-Modified: Mon, 10 Jun 2024 10:58:48 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 37796
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA HTTP/1.1
Accept: */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Fri, 12 Jun 2020 07:20:00 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 11:23:21 GMT
Expires: Tue, 10 Jun 2025 11:23:21 GMT
Last-Modified: Fri, 12 Jun 2020 07:20:00 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 38293
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/482958267-cmt__en_gb.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Wed, 05 Jun 2024 14:56:13 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 13:07:05 GMT
Expires: Tue, 10 Jun 2025 13:07:05 GMT
Last-Modified: Wed, 05 Jun 2024 14:56:13 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 32070
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA HTTP/1.1
Accept: */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1#%7B%22color%22%3A%22rgb(170%2C%20170%2C%20170)%22%2C%22backgroundColor%22%3A%22rgba(0%2C%200%2C%200%2C%200.2)%22%2C%22unvisitedLinkColor%22%3A%22rgb(255%2C%2047%2C%2025)%22%2C%22fontFamily%22%3A%22Arial%22%7D
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:01:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 21:59:34 GMT
Last-Modified: Mon, 10 Jun 2024 21:59:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 21:59:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 21:59:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/457480341-comment_from_post_iframe.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Thu, 18 Apr 2019 19:13:51 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 13:08:26 GMT
Expires: Tue, 10 Jun 2025 13:08:26 GMT
Last-Modified: Thu, 18 Apr 2019 19:13:51 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 31908
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Mon, 10 Jun 2024 10:58:48 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 11:30:59 GMT
Expires: Tue, 10 Jun 2025 11:30:59 GMT
Last-Modified: Mon, 10 Jun 2024 10:58:48 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 37756
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Last-Modified: Mon, 10 Jun 2024 22:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 10 Jun 2024 22:00:55 GMT
Expires: Mon, 10 Jun 2024 22:00:55 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.blogger.com
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/jsbin/457480341-comment_from_post_iframe.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Thu, 18 Apr 2019 19:13:51 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 13:08:26 GMT
Expires: Tue, 10 Jun 2025 13:08:26 GMT
Last-Modified: Thu, 18 Apr 2019 19:13:51 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 31988
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
If-Modified-Since: Mon, 10 Jun 2024 10:58:48 GMT
Connection: Keep-Alive
Cookie: S=blogger=AkDgfZjhPIRv7dZPC1y-eTbfqO-AamvDlubF2Euwf78

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 11:30:59 GMT
Expires: Tue, 10 Jun 2025 11:30:59 GMT
Last-Modified: Mon, 10 Jun 2024 10:58:48 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 37836
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://code.jquery.com/jquery-2.2.3.js

IEXPLORE.EXE

Remote address:

151.101.2.137:80

Request

GET /jquery-2.2.3.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: code.jquery.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 76643
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
ETag: W/"28feccc0-3f258"
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Jun 2024 21:59:33 GMT
Age: 3592150
X-Served-By: cache-lga21928-LGA, cache-lcy-eglc8600044-LCY
X-Cache: HIT, HIT
X-Cache-Hits: 4021, 23
X-Timer: S1718056774.813957,VS0,VE0
Vary: Accept-Encoding
GET

http://code.jquery.com/jquery-2.2.3.js

IEXPLORE.EXE

Remote address:

151.101.2.137:80

Request

GET /jquery-2.2.3.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: code.jquery.com
If-Modified-Since: Fri, 18 Oct 1991 12:00:00 GMT
If-None-Match: W/"28feccc0-3f258"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Connection: keep-alive
Date: Mon, 10 Jun 2024 22:00:14 GMT
Via: 1.1 varnish
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
ETag: W/"28feccc0-3f258"
Age: 3592191
X-Served-By: cache-lcy-eglc8600044-LCY
X-Cache: HIT
X-Cache-Hits: 24
X-Timer: S1718056815.913229,VS0,VE0
Vary: Accept-Encoding
GET

http://code.jquery.com/jquery-2.2.3.js

IEXPLORE.EXE

Remote address:

151.101.2.137:80

Request

GET /jquery-2.2.3.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: code.jquery.com
If-Modified-Since: Fri, 18 Oct 1991 12:00:00 GMT
If-None-Match: W/"28feccc0-3f258"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Connection: keep-alive
Date: Mon, 10 Jun 2024 22:00:55 GMT
Via: 1.1 varnish
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
ETag: W/"28feccc0-3f258"
Age: 3592231
X-Served-By: cache-lcy-eglc8600044-LCY
X-Cache: HIT
X-Cache-Hits: 25
X-Timer: S1718056855.079868,VS0,VE0
Vary: Accept-Encoding
GET

http://code.jquery.com/jquery-2.2.3.js

IEXPLORE.EXE

Remote address:

151.101.2.137:80

Request

GET /jquery-2.2.3.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: code.jquery.com
If-Modified-Since: Fri, 18 Oct 1991 12:00:00 GMT
If-None-Match: W/"28feccc0-3f258"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Connection: keep-alive
Date: Mon, 10 Jun 2024 22:01:34 GMT
Via: 1.1 varnish
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
ETag: W/"28feccc0-3f258"
Age: 3592271
X-Served-By: cache-lcy-eglc8600044-LCY
X-Cache: HIT
X-Cache-Hits: 26
X-Timer: S1718056895.832119,VS0,VE0
Vary: Accept-Encoding
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 475
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 18:39:24 GMT
Expires: Sat, 15 Jun 2024 18:39:24 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 07 Jun 2024 20:59:55 GMT
Content-Type: image/png
Age: 184810
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/blank.gif

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/blank.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 43
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 18:43:00 GMT
Expires: Sat, 15 Jun 2024 18:43:00 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 08 Jun 2024 15:58:59 GMT
Content-Type: image/gif
Age: 184596
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/anon36.png

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/anon36.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 1654
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 18:35:29 GMT
Expires: Sat, 15 Jun 2024 18:35:29 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 08 Jun 2024 11:53:14 GMT
Content-Type: image/png
Age: 185047
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
If-Modified-Since: Fri, 07 Jun 2024 20:59:55 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:39:24 GMT
Expires: Sat, 15 Jun 2024 18:39:24 GMT
Last-Modified: Fri, 07 Jun 2024 20:59:55 GMT
Cache-Control: public, max-age=604800
Age: 184850
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/blank.gif

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/blank.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
If-Modified-Since: Sat, 08 Jun 2024 15:58:59 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:43:00 GMT
Expires: Sat, 15 Jun 2024 18:43:00 GMT
Last-Modified: Sat, 08 Jun 2024 15:58:59 GMT
Cache-Control: public, max-age=604800
Age: 184635
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
If-Modified-Since: Fri, 07 Jun 2024 20:59:55 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:39:24 GMT
Expires: Sat, 15 Jun 2024 18:39:24 GMT
Last-Modified: Fri, 07 Jun 2024 20:59:55 GMT
Cache-Control: public, max-age=604800
Age: 184891
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/blank.gif

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/blank.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
If-Modified-Since: Sat, 08 Jun 2024 15:58:59 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:43:00 GMT
Expires: Sat, 15 Jun 2024 18:43:00 GMT
Last-Modified: Sat, 08 Jun 2024 15:58:59 GMT
Cache-Control: public, max-age=604800
Age: 184675
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
If-Modified-Since: Fri, 07 Jun 2024 20:59:55 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:39:24 GMT
Expires: Sat, 15 Jun 2024 18:39:24 GMT
Last-Modified: Fri, 07 Jun 2024 20:59:55 GMT
Cache-Control: public, max-age=604800
Age: 184930
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://resources.blogblog.com/img/blank.gif

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /img/blank.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
If-Modified-Since: Sat, 08 Jun 2024 15:58:59 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:43:00 GMT
Expires: Sat, 15 Jun 2024 18:43:00 GMT
Last-Modified: Sat, 08 Jun 2024 15:58:59 GMT
Cache-Control: public, max-age=604800
Age: 184715
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1b8e"
Expires: Tue, 11 Jun 2024 21:59:34 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tumblr_m9ewp2fRM71qkcds1o1_500.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:34 GMT
Server: fife
Content-Length: 3545
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="page_bg.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1071
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 5256
ETag: "v85a"
Content-Type: image/jpeg
Vary: Origin
GET

http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "va2f"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 18:57:24 GMT
Expires: Tue, 11 Jun 2024 18:57:24 GMT
Age: 10970
ETag: "va2f"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v166"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v166"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 81
GET

http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v85a"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Age: 5336
ETag: "v85a"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "va2f"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 18:57:24 GMT
Expires: Tue, 11 Jun 2024 18:57:24 GMT
Age: 11050
ETag: "va2f"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="home.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1157
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 18:57:24 GMT
Expires: Tue, 11 Jun 2024 18:57:24 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 10929
ETag: "va2f"
Content-Type: image/gif
Vary: Origin
GET

http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v166"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v166"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 40
GET

http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v1b8e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1b8e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 81
GET

http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v1029e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1029e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 120
GET

http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v85a"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Age: 5375
ETag: "v85a"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1029e"
Expires: Tue, 11 Jun 2024 21:59:34 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tumblr_ksp3rex1FS1qzkcgao1_500.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:34 GMT
Server: fife
Content-Length: 1909
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v1b8e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1b8e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 40
GET

http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v85a"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Age: 5296
ETag: "v85a"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "va2f"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 18:57:24 GMT
Expires: Tue, 11 Jun 2024 18:57:24 GMT
Age: 11011
ETag: "va2f"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v166"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v166"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 120
GET

http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v166"
Expires: Tue, 11 Jun 2024 21:59:34 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sensual19.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:34 GMT
Server: fife
Content-Length: 2042
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v1029e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1029e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 40
GET

http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v1029e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1029e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 81
GET

http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
If-None-Match: "v1b8e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1b8e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 120
GET

http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:33 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="body.gif"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 23343
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 6743
ETag: "va1c"
Content-Type: image/gif
Vary: Origin
GET

http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="slider_item_active.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 420
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 5256
ETag: "v769"
Content-Type: image/png
Vary: Origin
GET

http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:00:15 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
If-None-Match: "va1c"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6783
ETag: "va1c"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
If-None-Match: "va1c"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6823
ETag: "va1c"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
If-None-Match: "va1c"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6862
ETag: "va1c"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
If-None-Match: "v769"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Age: 5296
ETag: "v769"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:00:55 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
If-None-Match: "v769"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Age: 5336
ETag: "v769"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:01:34 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
If-None-Match: "v769"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:31:59 GMT
Expires: Tue, 11 Jun 2024 20:31:59 GMT
Age: 5375
ETag: "v769"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://fonts.googleapis.com/css?family=Oswald

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=Oswald HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 21:59:33 GMT
Date: Mon, 10 Jun 2024 21:59:33 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=PT+Sans+Narrow HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:00:14 GMT
Date: Mon, 10 Jun 2024 22:00:14 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=PT+Sans+Narrow HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:00:55 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=PT+Sans+Narrow HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:01:34 GMT
Date: Mon, 10 Jun 2024 22:01:34 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=PT+Sans+Narrow HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 21:59:33 GMT
Date: Mon, 10 Jun 2024 21:59:33 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Oswald

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=Oswald HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:00:14 GMT
Date: Mon, 10 Jun 2024 22:00:14 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Oswald

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=Oswald HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:00:55 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Oswald

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=Oswald HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:01:34 GMT
Date: Mon, 10 Jun 2024 22:01:34 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: lh4.ggpht.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v8051"
Expires: Tue, 11 Jun 2024 21:59:34 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="004.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:34 GMT
Server: fife
Content-Length: 2139
X-XSS-Protection: 0
GET

http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: lh4.ggpht.com
If-None-Match: "v8051"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v8051"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 40
GET

http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: lh4.ggpht.com
If-None-Match: "v8051"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v8051"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 81
GET

http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: lh4.ggpht.com
If-None-Match: "v8051"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v8051"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 120
GET

http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:33 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="footerli.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 232
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 6743
ETag: "v59d"
Content-Type: image/png
Vary: Origin
GET

http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:00:15 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
If-None-Match: "v59d"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6783
ETag: "v59d"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:00:55 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
If-None-Match: "v59d"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6823
ETag: "v59d"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:01:34 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:33 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:00:15 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:00:55 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 22:01:34 GMT
Server: fife
Content-Length: 1323
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
If-None-Match: "v59d"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6862
ETag: "v59d"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

IEXPLORE.EXE

Remote address:

142.250.179.234:443

Request

GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32245
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 18:13:08 GMT
Expires: Sun, 08 Jun 2025 18:13:08 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 186386
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

IEXPLORE.EXE

Remote address:

142.250.179.234:443

Request

GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
If-Modified-Since: Tue, 03 Mar 2020 19:15:00 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:13:08 GMT
Expires: Sun, 08 Jun 2025 18:13:08 GMT
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Vary: Accept-Encoding
Age: 186426
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

IEXPLORE.EXE

Remote address:

142.250.179.234:443

Request

GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
If-Modified-Since: Tue, 03 Mar 2020 19:15:00 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:13:08 GMT
Expires: Sun, 08 Jun 2025 18:13:08 GMT
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Vary: Accept-Encoding
Age: 186467
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

IEXPLORE.EXE

Remote address:

142.250.179.234:443

Request

GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
If-Modified-Since: Tue, 03 Mar 2020 19:15:00 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:13:08 GMT
Expires: Sun, 08 Jun 2025 18:13:08 GMT
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Vary: Accept-Encoding
Age: 186506
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v997"
Expires: Tue, 11 Jun 2024 21:59:34 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tumblr_mpll71wHun1su5qtgo1_500.jpg"
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:34 GMT
Server: fife
Content-Length: 2244
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="menuh.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 222
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 6743
ETag: "v850"
Content-Type: image/png
Vary: Origin
GET

http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v997"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v997"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 40
GET

http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v7d7"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6783
ETag: "v7d7"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v997"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v997"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 81
GET

http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v7d7"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6823
ETag: "v7d7"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v997"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v997"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 120
GET

http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v850"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6862
ETag: "v850"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1029e"
Expires: Tue, 11 Jun 2024 21:59:34 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="facebook-logo.png"
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:34 GMT
Server: fife
Content-Length: 4333
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="outerpic.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 340
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 6743
ETag: "v7d7"
Content-Type: image/png
Vary: Origin
GET

http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v1029e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1029e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 40
GET

http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v850"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6783
ETag: "v850"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v1029e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1029e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 81
GET

http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v850"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6823
ETag: "v850"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v1029e"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 21:59:34 GMT
Expires: Tue, 11 Jun 2024 21:59:34 GMT
ETag: "v1029e"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
Age: 120
GET

http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
If-None-Match: "v7d7"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Mon, 10 Jun 2024 20:07:12 GMT
Expires: Tue, 11 Jun 2024 20:07:12 GMT
Age: 6862
ETag: "v7d7"
Cache-Control: public, max-age=86400, no-transform
Vary: Origin
GET

http://assets.pinterest.com/js/pinit.js

IEXPLORE.EXE

Remote address:

151.101.188.84:80

Request

GET /js/pinit.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: assets.pinterest.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 290
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
X-CDN: fastly
alt-svc: h3=":443";ma=600
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Mon, 10 Jun 2024 21:59:33 GMT
GET

http://assets.pinterest.com/js/pinit.js

IEXPLORE.EXE

Remote address:

151.101.188.84:80

Request

GET /js/pinit.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: assets.pinterest.com
If-None-Match: "82bfd941d2c9b3b9e0650a27c9d11737"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Connection: keep-alive
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
X-CDN: fastly
alt-svc: h3=":443";ma=600
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Mon, 10 Jun 2024 22:00:14 GMT
GET

http://assets.pinterest.com/js/pinit.js

IEXPLORE.EXE

Remote address:

151.101.188.84:80

Request

GET /js/pinit.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: assets.pinterest.com
If-None-Match: "82bfd941d2c9b3b9e0650a27c9d11737"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Connection: keep-alive
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
X-CDN: fastly
alt-svc: h3=":443";ma=600
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Mon, 10 Jun 2024 22:00:55 GMT
GET

http://assets.pinterest.com/js/pinit.js

IEXPLORE.EXE

Remote address:

151.101.188.84:80

Request

GET /js/pinit.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: assets.pinterest.com
If-None-Match: "82bfd941d2c9b3b9e0650a27c9d11737"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Connection: keep-alive
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
X-CDN: fastly
alt-svc: h3=":443";ma=600
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Mon, 10 Jun 2024 22:01:34 GMT
DNS

connect.facebook.net

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
DNS

apis.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.200.14
GET

http://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:80

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 10 Jun 2024 21:59:34 GMT
Connection: keep-alive
Content-Length: 0
GET

http://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:80

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 10 Jun 2024 22:00:15 GMT
Connection: keep-alive
Content-Length: 0
GET

http://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:80

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 10 Jun 2024 22:00:55 GMT
Connection: keep-alive
Content-Length: 0
GET

http://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:80

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 10 Jun 2024 22:01:34 GMT
Connection: keep-alive
Content-Length: 0
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 21:59:35 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "f9177ff6f5150176"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 56667
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 09 Jun 2024 06:30:35 GMT
Expires: Mon, 09 Jun 2025 06:30:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 142140
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://developers.google.com/
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 22:29:35 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 226
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/rpc:shindig_random.js?onload=init

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 21:59:35 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "101700247f013dff"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 23998
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 15:40:31 GMT
Expires: Sun, 08 Jun 2025 15:40:31 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 195544
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-None-Match: "f9177ff6f5150176"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jun 2024 22:00:15 GMT
Expires: Mon, 10 Jun 2024 22:00:15 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "f9177ff6f5150176"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sun, 09 Jun 2024 06:30:35 GMT
Expires: Mon, 09 Jun 2025 06:30:35 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 142180
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sun, 09 Jun 2024 07:52:44 GMT
Expires: Mon, 09 Jun 2025 07:52:44 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 137291
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sun, 09 Jun 2024 07:52:44 GMT
Expires: Mon, 09 Jun 2025 07:52:44 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 137331
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 35064
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 09 Jun 2024 07:52:44 GMT
Expires: Mon, 09 Jun 2025 07:52:44 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 137211
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sun, 09 Jun 2024 07:52:44 GMT
Expires: Mon, 09 Jun 2025 07:52:44 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 137251
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://developers.google.com/
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 226
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 22:29:35 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 80
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/rpc:shindig_random.js?onload=init

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-None-Match: "101700247f013dff"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jun 2024 22:00:55 GMT
Expires: Mon, 10 Jun 2024 22:00:55 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "101700247f013dff"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 15:40:31 GMT
Expires: Sun, 08 Jun 2025 15:40:31 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 195624
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-None-Match: "f9177ff6f5150176"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jun 2024 22:01:34 GMT
Expires: Mon, 10 Jun 2024 22:01:34 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "f9177ff6f5150176"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sun, 09 Jun 2024 06:30:35 GMT
Expires: Mon, 09 Jun 2025 06:30:35 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 142260
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: f10e16f28c334b93f62fdb1f9f8fa151
ETag: "4a9a550fb93cf4116e7556bc804d671b"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:11:57 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
x-fb-optimizer: 0
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: Jp43kQQWHDjn7zZbjJX0ng==
X-FB-Debug: 98wYyvF4cMmWdVf7BZbuMWuMjPjNpUS5Fl87KeT34CM8oFrXZd7iK6BnGrHCyoHxLWRk8p6Rhn7m9oSb7kLydA==
Date: Mon, 10 Jun 2024 21:59:35 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=65, rtx=0, c=14, mss=1357, tbw=3219, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
GET

https://connect.facebook.net/en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 532debcdc4e77108cb8aac01244ec756
ETag: "95411d2f14e8c77afeccbad35a11b0cf"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Tue, 10 Jun 2025 15:02:53 GMT
Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: RZKK2ytMEpJnA31tHcX90g==
X-FB-Debug: RAEygL3w0Q9EGzalxM7IpgBzqAXGOXnd2ipaw5xVDmyYpDvqhrd9hQM+skjCvW3MA9VrS+jMItxXk3x7tOvf9Q==
Date: Mon, 10 Jun 2024 21:59:35 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=56, rtx=0, c=20, mss=1357, tbw=7806, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 88557
GET

https://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive
If-None-Match: "4a9a550fb93cf4116e7556bc804d671b"

Response

HTTP/1.1 304 Not Modified

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: f10e16f28c334b93f62fdb1f9f8fa151
ETag: "4a9a550fb93cf4116e7556bc804d671b"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:11:57 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
x-fb-optimizer: 0
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: Jp43kQQWHDjn7zZbjJX0ng==
X-FB-Debug: 98wYyvF4cMmWdVf7BZbuMWuMjPjNpUS5Fl87KeT34CM8oFrXZd7iK6BnGrHCyoHxLWRk8p6Rhn7m9oSb7kLydA==
Date: Mon, 10 Jun 2024 22:00:15 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=67, rtx=0, c=89, mss=1357, tbw=99666, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
GET

https://connect.facebook.net/en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
If-None-Match: "95411d2f14e8c77afeccbad35a11b0cf"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 532debcdc4e77108cb8aac01244ec756
ETag: "95411d2f14e8c77afeccbad35a11b0cf"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Tue, 10 Jun 2025 15:02:53 GMT
Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: RZKK2ytMEpJnA31tHcX90g==
X-FB-Debug: RAEygL3w0Q9EGzalxM7IpgBzqAXGOXnd2ipaw5xVDmyYpDvqhrd9hQM+skjCvW3MA9VrS+jMItxXk3x7tOvf9Q==
Date: Mon, 10 Jun 2024 22:00:15 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=61, rtx=0, c=92, mss=1357, tbw=102498, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
GET

https://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive
If-None-Match: "4a9a550fb93cf4116e7556bc804d671b"

Response

HTTP/1.1 304 Not Modified

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: f10e16f28c334b93f62fdb1f9f8fa151
ETag: "4a9a550fb93cf4116e7556bc804d671b"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:11:57 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
x-fb-optimizer: 0
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: Jp43kQQWHDjn7zZbjJX0ng==
X-FB-Debug: 98wYyvF4cMmWdVf7BZbuMWuMjPjNpUS5Fl87KeT34CM8oFrXZd7iK6BnGrHCyoHxLWRk8p6Rhn7m9oSb7kLydA==
Date: Mon, 10 Jun 2024 22:00:55 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=83, rtx=0, c=95, mss=1357, tbw=105326, tp=-1, tpl=-1, uplat=2, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
GET

https://connect.facebook.net/en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
If-None-Match: "95411d2f14e8c77afeccbad35a11b0cf"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 532debcdc4e77108cb8aac01244ec756
ETag: "95411d2f14e8c77afeccbad35a11b0cf"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Tue, 10 Jun 2025 15:02:53 GMT
Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: RZKK2ytMEpJnA31tHcX90g==
X-FB-Debug: RAEygL3w0Q9EGzalxM7IpgBzqAXGOXnd2ipaw5xVDmyYpDvqhrd9hQM+skjCvW3MA9VrS+jMItxXk3x7tOvf9Q==
Date: Mon, 10 Jun 2024 22:00:55 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=74, rtx=0, c=98, mss=1357, tbw=108159, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
GET

https://connect.facebook.net/en_US/all.js

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive
If-None-Match: "4a9a550fb93cf4116e7556bc804d671b"

Response

HTTP/1.1 200 OK

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 85b9445709296fa413fc00acf8728078
ETag: "13fabd0357dc68769ad76880c05a8328"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Mon, 10 Jun 2024 22:21:30 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
x-fb-optimizer: 0
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: +Xfs1gHtoX0w/t7E/tFx8A==
X-FB-Debug: bwefUG2GKJtVE7Zlg6mZfnJLWjr2OkuJ1FN0GJbHT9bTS16vTFVbbPdSLGgTtuwCx/YAjPUThPGXQKwRjyLtfw==
Date: Mon, 10 Jun 2024 22:01:35 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=90, rtx=0, c=101, mss=1357, tbw=110987, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
GET

https://connect.facebook.net/en_US/all.js?hash=9192aa85f17fc88131aa5043aca788b7

IEXPLORE.EXE

Remote address:

163.70.151.21:443

Request

GET /en_US/all.js?hash=9192aa85f17fc88131aa5043aca788b7 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: connect.facebook.net
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 221620fbaa952246d82c07bf4e9eeb03
ETag: "48050a27b46997e5c61d83f9d1c2b33a"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
Expires: Tue, 10 Jun 2025 13:51:41 GMT
Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
X-Frame-Options: DENY
origin-agent-cluster: ?0
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
content-md5: 5ax4JtZcLJj8Vwu++yWzag==
X-FB-Debug: 4Q3xtPVCITe8dbRWVRgkeIOq1PuPa40rFuRzxlZX/tetm+FlzfyMAorvpzJbKZ5VPwona2uVP4qWUiiSz70plA==
Date: Mon, 10 Jun 2024 22:01:35 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=73, rtx=0, c=107, mss=1357, tbw=115577, tp=-1, tpl=-1, uplat=0, ullat=-1
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 87066
GET

http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 43968
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 21:02:34 GMT
Expires: Sun, 08 Jun 2025 21:02:34 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 02 May 2023 15:05:37 GMT
Content-Type: font/woff
Age: 176221
GET

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
If-Modified-Since: Tue, 15 Aug 2023 18:49:40 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 12:50:39 GMT
Expires: Sun, 08 Jun 2025 12:50:39 GMT
Age: 205776
Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
Cache-Control: public, max-age=31536000
GET

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
If-Modified-Since: Tue, 15 Aug 2023 18:49:40 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 12:50:39 GMT
Expires: Sun, 08 Jun 2025 12:50:39 GMT
Age: 205816
Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
Cache-Control: public, max-age=31536000
GET

http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
If-Modified-Since: Tue, 02 May 2023 15:05:37 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 21:02:34 GMT
Expires: Sun, 08 Jun 2025 21:02:34 GMT
Last-Modified: Tue, 02 May 2023 15:05:37 GMT
Cache-Control: public, max-age=31536000
Age: 176340
GET

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15512
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 12:50:39 GMT
Expires: Sun, 08 Jun 2025 12:50:39 GMT
Cache-Control: public, max-age=31536000
Age: 205736
Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
Content-Type: font/woff
GET

http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
If-Modified-Since: Tue, 02 May 2023 15:05:37 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 21:02:34 GMT
Expires: Sun, 08 Jun 2025 21:02:34 GMT
Last-Modified: Tue, 02 May 2023 15:05:37 GMT
Cache-Control: public, max-age=31536000
Age: 176261
GET

http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
If-Modified-Since: Tue, 02 May 2023 15:05:37 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 21:02:34 GMT
Expires: Sun, 08 Jun 2025 21:02:34 GMT
Last-Modified: Tue, 02 May 2023 15:05:37 GMT
Cache-Control: public, max-age=31536000
Age: 176301
GET

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
If-Modified-Since: Tue, 15 Aug 2023 18:49:40 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 12:50:39 GMT
Expires: Sun, 08 Jun 2025 12:50:39 GMT
Age: 205855
Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
Cache-Control: public, max-age=31536000
GET

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://developers.google.com/
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 226
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 22:29:35 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 40
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/rpc:shindig_random.js?onload=init

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-None-Match: "101700247f013dff"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jun 2024 22:00:15 GMT
Expires: Mon, 10 Jun 2024 22:00:15 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "101700247f013dff"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 15:40:31 GMT
Expires: Sun, 08 Jun 2025 15:40:31 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 195584
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-None-Match: "f9177ff6f5150176"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jun 2024 22:00:55 GMT
Expires: Mon, 10 Jun 2024 22:00:55 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "f9177ff6f5150176"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sun, 09 Jun 2024 06:30:35 GMT
Expires: Mon, 09 Jun 2025 06:30:35 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 142220
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: http://developers.google.com/
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 226
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 21:59:35 GMT
Expires: Mon, 10 Jun 2024 22:29:35 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 120
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/rpc:shindig_random.js?onload=init

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-None-Match: "101700247f013dff"
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 10 Jun 2024 22:01:35 GMT
Expires: Mon, 10 Jun 2024 22:01:35 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "101700247f013dff"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

142.250.200.14:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
If-Modified-Since: Mon, 06 May 2024 15:31:30 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 15:40:31 GMT
Expires: Sun, 08 Jun 2025 15:40:31 GMT
Last-Modified: Mon, 06 May 2024 15:31:30 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 195664
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

www.9a9.red

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.9a9.red

IN A

Response
DNS

accounts.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.250.27.84
DNS

developers.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

developers.google.com

IN A

Response

developers.google.com

IN A

216.58.201.110
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&go=true

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:kWclU4kTf5QNSQpbjJK8PiPLkGMu3g:ITiv_snEr7t9HKOV; Expires=Wed, 10-Jun-2026 21:59:35 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 21:59:35 GMT
Location: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: script-src 'nonce-XFjTwhQsR_7n8LfTxAoBCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&go=true

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: __Host-GAPS=1:kWclU4kTf5QNSQpbjJK8PiPLkGMu3g:ITiv_snEr7t9HKOV
Connection: Keep-Alive
Host: accounts.google.com

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:NZl4BawEWh-aw8YHVCGZOBjbK7U0fw:USoqZTniUq70cAj7; Expires=Wed, 10-Jun-2026 22:00:15 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:15 GMT
Location: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Content-Security-Policy: script-src 'nonce-eZLezcEUzLMpSvJ8V_EoBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:NZl4BawEWh-aw8YHVCGZOBjbK7U0fw:USoqZTniUq70cAj7

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Cross-Origin-Resource-Policy: same-site
Content-Security-Policy: script-src 'nonce-wL_1hhEXURyWsWF6p3Vqfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:PQtN_3GQSX-LYlHj92u_MUj-89zIeQ:kfYKqgmJp_vKHgar

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:01:35 GMT
Content-Security-Policy: script-src 'nonce-AEfMgUHEXJWonqkMXEA4MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Cross-Origin-Resource-Policy: same-site
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 21:59:35 GMT
Content-Security-Policy: script-src 'nonce-n5ohGJUzniMytik_ASvR4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Cross-Origin-Resource-Policy: same-site
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
Cookie: __Host-GAPS=1:kWclU4kTf5QNSQpbjJK8PiPLkGMu3g:ITiv_snEr7t9HKOV

Response

HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:15 GMT
Cross-Origin-Resource-Policy: same-site
Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
Content-Security-Policy: script-src 'nonce-3xBpqeCZas4CmZK-BUbelA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&go=true

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: __Host-GAPS=1:NZl4BawEWh-aw8YHVCGZOBjbK7U0fw:USoqZTniUq70cAj7
Connection: Keep-Alive
Host: accounts.google.com

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:PQtN_3GQSX-LYlHj92u_MUj-89zIeQ:kfYKqgmJp_vKHgar; Expires=Wed, 10-Jun-2026 22:00:55 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:00:55 GMT
Location: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Content-Security-Policy: script-src 'nonce-7pRQlS3v3nERYFjwE3PDCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: unsafe-none
Cross-Origin-Resource-Policy: cross-origin
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&go=true

IEXPLORE.EXE

Remote address:

142.250.27.84:443

Request

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: __Host-GAPS=1:PQtN_3GQSX-LYlHj92u_MUj-89zIeQ:kfYKqgmJp_vKHgar
Connection: Keep-Alive
Host: accounts.google.com

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:oUgE_fh1a2kQP9Vml8MmtPXBgfzrxA:OCgtBc06g_Ezam43; Expires=Wed, 10-Jun-2026 22:01:35 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 10 Jun 2024 22:01:35 GMT
Location: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cross-Origin-Resource-Policy: cross-origin
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Content-Security-Policy: script-src 'nonce-1aAkVYv5dH6H6nHcNgKeCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: unsafe-none
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 09ca2e797a9eb902a20ccad5b4596512
Date: Mon, 10 Jun 2024 21:59:35 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

http://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive
Cookie: _ga_devsite=GA1.3.3202691781.1718056776

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 41e2f956b7b8fb7203e4c341c5ce5e1e
Date: Mon, 10 Jun 2024 22:00:15 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

http://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive
Cookie: _ga_devsite=GA1.3.3202691781.1718056776

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 990ece8e1c2578b947b48892f643f32c
Date: Mon, 10 Jun 2024 22:00:55 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

http://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:80

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive
Cookie: _ga_devsite=GA1.3.3202691781.1718056776

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 6d2852a775c2fd34f4bf889d8b46f1e1
Date: Mon, 10 Jun 2024 22:01:35 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

https://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: developers.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 04 Jun 2024 18:18:43 GMT
Content-Type: text/html; charset=utf-8
Vary: Cookie
Vary: Accept-Encoding
Set-Cookie: _ga_devsite=GA1.3.3202691781.1718056776; Expires=Wed, 10 Jun 2026 21:59:36 GMT; Max-Age=63072000; Path=/
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-30e+zwsgcN92r1ofoa8UWFVIIyZgzr' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: 62aef51de70d1d32d7694fe2e76dc43a
Date: Mon, 10 Jun 2024 21:59:36 GMT
Server: Google Frontend
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
DNS

ssl.gstatic.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN A

Response

ssl.gstatic.com

IN A

172.217.169.3
GET

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

IEXPLORE.EXE

Remote address:

172.217.169.3:443

Request

GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssl.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="federated-signon-mpm-access"
Report-To: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
Content-Length: 4846
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 18:40:52 GMT
Expires: Sun, 08 Jun 2025 18:40:52 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 30 May 2024 16:07:45 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 184723
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

IEXPLORE.EXE

Remote address:

172.217.169.3:443

Request

GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssl.gstatic.com
If-Modified-Since: Thu, 30 May 2024 16:07:45 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:40:52 GMT
Expires: Sun, 08 Jun 2025 18:40:52 GMT
Last-Modified: Thu, 30 May 2024 16:07:45 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 184763
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

IEXPLORE.EXE

Remote address:

172.217.169.3:443

Request

GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssl.gstatic.com
If-Modified-Since: Thu, 30 May 2024 16:07:45 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:40:52 GMT
Expires: Sun, 08 Jun 2025 18:40:52 GMT
Last-Modified: Thu, 30 May 2024 16:07:45 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 184803
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

IEXPLORE.EXE

Remote address:

172.217.169.3:443

Request

GET /accounts/o/3604799710-postmessagerelay.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssl.gstatic.com
If-Modified-Since: Thu, 30 May 2024 16:07:45 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 18:40:52 GMT
Expires: Sun, 08 Jun 2025 18:40:52 GMT
Last-Modified: Thu, 30 May 2024 16:07:45 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 184843
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

www.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
GET

https://www.google.com/js/bg/iUFT4H_aD2n83E2qiJAm0eQnr0kH-RmNQ6xxrNG4yf8.js

IEXPLORE.EXE

Remote address:

142.250.187.196:443

Request

GET /js/bg/iUFT4H_aD2n83E2qiJAm0eQnr0kH-RmNQ6xxrNG4yf8.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 23901
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 10 Jun 2024 11:23:34 GMT
Expires: Tue, 10 Jun 2025 11:23:34 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 03 Jun 2024 09:30:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 38162
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

IEXPLORE.EXE

Remote address:

142.250.187.196:443

Request

GET /js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 23807
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 08 Jun 2024 19:34:03 GMT
Expires: Sun, 08 Jun 2025 19:34:03 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 27 May 2024 15:30:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 181572
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

IEXPLORE.EXE

Remote address:

142.250.187.196:443

Request

GET /js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
If-Modified-Since: Mon, 27 May 2024 15:30:00 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 19:34:03 GMT
Expires: Sun, 08 Jun 2025 19:34:03 GMT
Last-Modified: Mon, 27 May 2024 15:30:00 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 181612
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

IEXPLORE.EXE

Remote address:

142.250.187.196:443

Request

GET /js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
If-Modified-Since: Mon, 27 May 2024 15:30:00 GMT
Connection: Keep-Alive

Response

HTTP/1.1 304 Not Modified

Date: Sat, 08 Jun 2024 19:34:03 GMT
Expires: Sun, 08 Jun 2025 19:34:03 GMT
Last-Modified: Mon, 27 May 2024 15:30:00 GMT
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Age: 181652
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: _ga_devsite=GA1.3.3202691781.1718056776
Connection: Keep-Alive
Host: developers.google.com

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 04 Jun 2024 18:18:43 GMT
Content-Type: text/html; charset=utf-8
Vary: Cookie
Vary: Accept-Encoding
Set-Cookie: _ga_devsite=GA1.3.3202691781.1718056776; Expires=Wed, 10 Jun 2026 22:00:16 GMT; Max-Age=63072000; Path=/
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-RF4rOV8rVzkNiMV1V8Hu2+eeXpvw/3' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: 145d44ea18b183d0e453373b1b69c277
Date: Mon, 10 Jun 2024 22:00:16 GMT
Server: Google Frontend
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
DNS

www.facebook.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
GET

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38294c04426758%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff1d5373a86b34fe%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

IEXPLORE.EXE

Remote address:

157.240.221.35:443

Request

GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38294c04426758%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff1d5373a86b34fe%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: ia7fMmCN3Vx/zmduYW7T2/qND8YYeT1hspXtjXLprJLSSHfwwETztGIgv4yTujPIxu3hBIGjef1MdPZPuCYJ/A==
Date: Mon, 10 Jun 2024 21:59:40 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1357, tbw=3219, tp=-1, tpl=-1, uplat=16, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10b2c1455c4dc6%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Fff4e24d4ac0d8f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

IEXPLORE.EXE

Remote address:

157.240.221.35:443

Request

GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10b2c1455c4dc6%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Fff4e24d4ac0d8f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: hYHpXtpv3ZYgOhN0hS8UpngnH11Yh3+oskAELMik7N6l4dnxmGVtYa50p2dtKRbjv+hBJytLhrgyUcCRIbS8uw==
Date: Mon, 10 Jun 2024 22:00:20 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=67, rtx=0, c=10, mss=1357, tbw=6497, tp=-1, tpl=-1, uplat=14, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e26be0b8b08c2%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff31568e45b8edd%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

IEXPLORE.EXE

Remote address:

157.240.221.35:443

Request

GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e26be0b8b08c2%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff31568e45b8edd%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: /4bzao8IAYb/0IXeNYyUzSBDzM2TJQhNmoWI+LhEjJ26wP8TGWFSYoeGPsmuJtkpUAB+lyjfP1Lr4vv7R8TYvw==
Date: Mon, 10 Jun 2024 22:00:59 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=87, rtx=0, c=10, mss=1357, tbw=9770, tp=-1, tpl=-1, uplat=15, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e324ee39e888c%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff3c2b413a84f05c%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

IEXPLORE.EXE

Remote address:

157.240.221.35:443

Request

GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e324ee39e888c%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff3c2b413a84f05c%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: QeWP9rBxYqtUtPEbZfrVcI8EytvtkSOYiDZ4/Zo7dFnympFVtUFk0kTg/6nN4xD+ocW246Ec6YKZMMzKJmR6Ng==
Date: Mon, 10 Jun 2024 22:01:39 GMT
X-FB-Connection-Quality: GOOD; q=0.7, rtt=103, rtx=0, c=10, mss=1357, tbw=13043, tp=-1, tpl=-1, uplat=14, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
DNS

www.microsoft.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

23.55.97.181
GET

https://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: _ga_devsite=GA1.3.3202691781.1718056776
Connection: Keep-Alive
Host: developers.google.com

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 04 Jun 2024 18:18:43 GMT
Content-Type: text/html; charset=utf-8
Vary: Cookie
Vary: Accept-Encoding
Set-Cookie: _ga_devsite=GA1.3.3202691781.1718056776; Expires=Wed, 10 Jun 2026 22:00:55 GMT; Max-Age=63072000; Path=/
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-EvDu8R4gLTCpfSL0xAAKIDClrVJdUK' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: 17c328bc921783dbdcae12f38229e2c7
Date: Mon, 10 Jun 2024 22:00:55 GMT
Server: Google Frontend
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://developers.google.com/

IEXPLORE.EXE

Remote address:

216.58.201.110:443

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Cookie: _ga_devsite=GA1.3.3202691781.1718056776
Connection: Keep-Alive
Host: developers.google.com

Response

HTTP/1.1 200 OK

Last-Modified: Tue, 04 Jun 2024 18:18:43 GMT
Content-Type: text/html; charset=utf-8
Vary: Cookie
Vary: Accept-Encoding
Set-Cookie: _ga_devsite=GA1.3.3202691781.1718056776; Expires=Wed, 10 Jun 2026 22:01:36 GMT; Max-Age=63072000; Path=/
Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-yfjJy4wypfCRbyNU4MvPU5LPXmufq9' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: 28399b1b30ad5391919aef6c62e3378e
Date: Mon, 10 Jun 2024 22:01:36 GMT
Server: Google Frontend
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked

13.248.169.48:80

http://yourjavascript.com/24211643151/jquery.easing.js

http

IEXPLORE.EXE

1.6kB
1.3kB
10
6

HTTP Request

GET http://yourjavascript.com/24211643151/jquery.easing.js

HTTP Response

200

HTTP Request

GET http://yourjavascript.com/24211643151/jquery.easing.js

HTTP Response

200

HTTP Request

GET http://yourjavascript.com/24211643151/jquery.easing.js

HTTP Response

200

HTTP Request

GET http://yourjavascript.com/24211643151/jquery.easing.js

HTTP Response

200
165.227.71.229:80

http://static.graddit.com/css/graddit.css

http

IEXPLORE.EXE

1.4kB
1.7kB
10
9

HTTP Request

GET http://static.graddit.com/css/graddit.css

HTTP Response

404

HTTP Request

GET http://static.graddit.com/css/graddit.css

HTTP Response

404

HTTP Request

GET http://static.graddit.com/css/graddit.css

HTTP Response

404

HTTP Request

GET http://static.graddit.com/css/graddit.css

HTTP Response

404
142.250.178.9:443

https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1

tls, http

IEXPLORE.EXE

8.9kB
120.2kB
68
111

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=iUFT4H_aD2n83E2qiJAm0eQnr0kH-RmNQ6xxrNG4yf8

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

HTTP Response

304

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

HTTP Response

304

HTTP Request

GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

HTTP Response

304

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

HTTP Response

304

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222

HTTP Response

302

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7542222&bpli=1

HTTP Response

200
142.250.178.9:443

https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

tls, http

IEXPLORE.EXE

7.7kB
62.5kB
47
70

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

HTTP Response

200

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295

HTTP Response

302

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=7565295&bpli=1

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

HTTP Response

304

HTTP Request

GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

HTTP Response

304

HTTP Request

GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

HTTP Response

304

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/482958267-cmt__en_gb.js

HTTP Response

304

HTTP Request

GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA

HTTP Response

200
165.227.71.229:80

static.graddit.com

IEXPLORE.EXE

190 B
132 B
4
3
142.250.178.9:443

https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

tls, http

IEXPLORE.EXE

6.1kB
19.0kB
32
40

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316

HTTP Response

302

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=8828316&bpli=1

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

HTTP Response

304

HTTP Request

GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

HTTP Response

304

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3370392034129109115&zx=a7fb0bf3-7f86-4406-8979-25738ba625bb

HTTP Response

200

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927

HTTP Response

302

HTTP Request

GET https://www.blogger.com/comment-iframe.g?blogID=3370392034129109115&postID=705467570734950093&blogspotRpcToken=755927&bpli=1

HTTP Response

200

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

HTTP Response

304

HTTP Request

GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

HTTP Response

304
13.248.169.48:80

yourjavascript.com

IEXPLORE.EXE

190 B
132 B
4
3
151.101.2.137:80

code.jquery.com

IEXPLORE.EXE

242 B
184 B
5
4
151.101.2.137:80

http://code.jquery.com/jquery-2.2.3.js

http

IEXPLORE.EXE

3.1kB
81.0kB
39
66

HTTP Request

GET http://code.jquery.com/jquery-2.2.3.js

HTTP Response

200

HTTP Request

GET http://code.jquery.com/jquery-2.2.3.js

HTTP Response

304

HTTP Request

GET http://code.jquery.com/jquery-2.2.3.js

HTTP Response

304

HTTP Request

GET http://code.jquery.com/jquery-2.2.3.js

HTTP Response

304
142.250.178.9:443

resources.blogblog.com

tls

IEXPLORE.EXE

759 B
4.8kB
10
9
142.250.178.9:443

https://resources.blogblog.com/img/blank.gif

tls, http

IEXPLORE.EXE

5.5kB
14.7kB
30
25

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

HTTP Response

200

HTTP Request

GET https://resources.blogblog.com/img/blank.gif

HTTP Response

200

HTTP Request

GET https://resources.blogblog.com/img/anon36.png

HTTP Response

200

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

HTTP Response

304

HTTP Request

GET https://resources.blogblog.com/img/blank.gif

HTTP Response

304

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

HTTP Response

304

HTTP Request

GET https://resources.blogblog.com/img/blank.gif

HTTP Response

304

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

HTTP Response

304

HTTP Request

GET https://resources.blogblog.com/img/blank.gif

HTTP Response

304
142.250.180.1:80

http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

http

IEXPLORE.EXE

2.7kB
6.8kB
14
12

HTTP Request

GET http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

HTTP Response

304
142.250.180.1:80

http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

http

IEXPLORE.EXE

2.3kB
3.2kB
12
10

HTTP Request

GET http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

HTTP Response

304
142.250.180.1:80

http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

http

IEXPLORE.EXE

2.3kB
3.6kB
12
10

HTTP Request

GET http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

HTTP Response

304
142.250.180.1:80

http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

http

IEXPLORE.EXE

2.0kB
4.1kB
12
11

HTTP Request

GET http://1.bp.blogspot.com/_BLllhNVUqJs/SRNZbxtMFyI/AAAAAAAAAWY/ChdX3OXhsnY/s72-c/sensual19.jpg

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-r78wUUWqaKk/UnKHw0PmqzI/AAAAAAAAE5c/eie6c5mU5so/s72-c/tumblr_ksp3rex1FS1qzkcgao1_500.jpg

HTTP Response

304

HTTP Request

GET http://1.bp.blogspot.com/-pXhk35JDb38/UoEXONZenCI/AAAAAAAAFB4/GMrC8MSDme4/s72-c/tumblr_m9ewp2fRM71qkcds1o1_500.jpg

HTTP Response

304
142.250.180.1:80

http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

http

IEXPLORE.EXE

3.5kB
28.7kB
24
29

HTTP Request

GET http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

HTTP Response

404

HTTP Request

GET http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

HTTP Response

404

HTTP Request

GET http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

HTTP Response

304

HTTP Request

GET http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

HTTP Response

304

HTTP Request

GET http://4.bp.blogspot.com/-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif

HTTP Response

304
142.250.180.1:80

http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

http

IEXPLORE.EXE

2.2kB
3.6kB
11
12

HTTP Request

GET http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

HTTP Response

304

HTTP Request

GET http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

HTTP Response

404

HTTP Request

GET http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

HTTP Response

304

HTTP Request

GET http://4.bp.blogspot.com/-oj9YzCEajXA/UWdk_p95B_I/AAAAAAAAKPc/hUkD1JIrbwc/s400/envolvente.jpg

HTTP Response

404

HTTP Request

GET http://4.bp.blogspot.com/-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png

HTTP Response

304
216.58.204.74:80

http://fonts.googleapis.com/css?family=PT+Sans+Narrow

http

IEXPLORE.EXE

1.5kB
3.3kB
10
13

HTTP Request

GET http://fonts.googleapis.com/css?family=Oswald

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=PT+Sans+Narrow

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=PT+Sans+Narrow

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=PT+Sans+Narrow

HTTP Response

200
216.58.204.74:80

http://fonts.googleapis.com/css?family=Oswald

http

IEXPLORE.EXE

1.4kB
3.3kB
10
13

HTTP Request

GET http://fonts.googleapis.com/css?family=PT+Sans+Narrow

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=Oswald

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=Oswald

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=Oswald

HTTP Response

200
142.250.180.1:80

http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

http

IEXPLORE.EXE

1.8kB
3.5kB
10
8

HTTP Request

GET http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

HTTP Response

200

HTTP Request

GET http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

HTTP Response

304

HTTP Request

GET http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

HTTP Response

304

HTTP Request

GET http://lh4.ggpht.com/_GZQyupVwbSs/TEZXqkdnhsI/AAAAAAAAZmU/hBPlcpfHGoc/s72-c/004.jpg

HTTP Response

304
142.250.180.1:80

2.bp.blogspot.com

IEXPLORE.EXE

190 B
92 B
4
2
142.250.180.1:80

http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

http

IEXPLORE.EXE

3.1kB
9.0kB
17
21

HTTP Request

GET http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

HTTP Response

304

HTTP Request

GET http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

HTTP Response

304

HTTP Request

GET http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

HTTP Response

404
142.250.180.1:80

http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

http

IEXPLORE.EXE

2.2kB
7.3kB
12
16

HTTP Request

GET http://2.bp.blogspot.com/-bfKRdd9Q8Vs/TyCyLBCUfsI/AAAAAAAAHh4/gEs2rDSyYzs/s72-c/asfixxia.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-_iNfw-FzTh8/Sv9fN_RXZ7I/AAAAAAAACmc/HXZIHlGfsxc/s72-c/lingua.jpg

HTTP Response

404

HTTP Request

GET http://2.bp.blogspot.com/-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png

HTTP Response

304
142.250.179.234:443

ajax.googleapis.com

tls

IEXPLORE.EXE

704 B
5.0kB
9
8
142.250.179.234:443

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

tls, http

IEXPLORE.EXE

2.9kB
41.2kB
27
36

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

HTTP Response

200

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

HTTP Response

304

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

HTTP Response

304

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

HTTP Response

304
142.250.180.1:80

http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

http

IEXPLORE.EXE

3.6kB
5.8kB
16
13

HTTP Request

GET http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-JAjK58Ft7IE/UnJ_3uP8QEI/AAAAAAAACKc/DbF8B1Hg1ro/s72-c/tumblr_mpll71wHun1su5qtgo1_500.jpg

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

HTTP Response

304
142.250.180.1:80

http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

http

IEXPLORE.EXE

3.6kB
8.4kB
18
16

HTTP Request

GET http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-IeHXc7J7dZs/URLRwVeKocI/AAAAAAAACFA/OepYPORtIII/s1600/menuh.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-w9LxXPliUa8/Ue2hAwwLwiI/AAAAAAAAEaE/Ezp0o-2WnPw/s72-c/facebook-logo.png

HTTP Response

304

HTTP Request

GET http://3.bp.blogspot.com/-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png

HTTP Response

304
151.101.188.84:80

assets.pinterest.com

IEXPLORE.EXE

242 B
184 B
5
4
151.101.188.84:80

http://assets.pinterest.com/js/pinit.js

http

IEXPLORE.EXE

1.7kB
4.2kB
10
13

HTTP Request

GET http://assets.pinterest.com/js/pinit.js

HTTP Response

200

HTTP Request

GET http://assets.pinterest.com/js/pinit.js

HTTP Response

304

HTTP Request

GET http://assets.pinterest.com/js/pinit.js

HTTP Response

304

HTTP Request

GET http://assets.pinterest.com/js/pinit.js

HTTP Response

304
163.70.151.21:80

http://connect.facebook.net/en_US/all.js

http

IEXPLORE.EXE

1.6kB
1.6kB
12
8

HTTP Request

GET http://connect.facebook.net/en_US/all.js

HTTP Response

301

HTTP Request

GET http://connect.facebook.net/en_US/all.js

HTTP Response

301

HTTP Request

GET http://connect.facebook.net/en_US/all.js

HTTP Response

301

HTTP Request

GET http://connect.facebook.net/en_US/all.js

HTTP Response

301
163.70.151.21:80

connect.facebook.net

IEXPLORE.EXE

190 B
92 B
4
2
142.250.200.14:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

tls, http

IEXPLORE.EXE

7.5kB
125.7kB
64
104

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

301

HTTP Request

GET https://apis.google.com/js/rpc:shindig_random.js?onload=init

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

HTTP Response

304
142.250.200.14:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

tls, http

IEXPLORE.EXE

5.3kB
45.7kB
31
44

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

HTTP Response

304

HTTP Request

GET https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

301

HTTP Request

GET https://apis.google.com/js/rpc:shindig_random.js?onload=init

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

304

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

304
163.70.151.21:443

https://connect.facebook.net/en_US/all.js?hash=9192aa85f17fc88131aa5043aca788b7

tls, http

IEXPLORE.EXE

7.5kB
212.8kB
98
170

HTTP Request

GET https://connect.facebook.net/en_US/all.js

HTTP Response

200

HTTP Request

GET https://connect.facebook.net/en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd

HTTP Response

200

HTTP Request

GET https://connect.facebook.net/en_US/all.js

HTTP Response

304

HTTP Request

GET https://connect.facebook.net/en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd

HTTP Response

304

HTTP Request

GET https://connect.facebook.net/en_US/all.js

HTTP Response

304

HTTP Request

GET https://connect.facebook.net/en_US/all.js?hash=4e9c00c73eb3ad24e69c5bb7cb00b2cd

HTTP Response

304

HTTP Request

GET https://connect.facebook.net/en_US/all.js

HTTP Response

200

HTTP Request

GET https://connect.facebook.net/en_US/all.js?hash=9192aa85f17fc88131aa5043aca788b7

HTTP Response

200
216.58.201.99:80

http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

http

IEXPLORE.EXE

2.6kB
47.1kB
28
39

HTTP Request

GET http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

HTTP Response

200

HTTP Request

GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

HTTP Response

304

HTTP Request

GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

HTTP Response

304

HTTP Request

GET http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

HTTP Response

304
216.58.201.99:80

http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

http

IEXPLORE.EXE

2.0kB
17.8kB
16
18

HTTP Request

GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

HTTP Response

200

HTTP Request

GET http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

HTTP Response

304

HTTP Request

GET http://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff

HTTP Response

304

HTTP Request

GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

HTTP Response

304
142.250.200.14:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

tls, http

IEXPLORE.EXE

5.5kB
4.4kB
15
16

HTTP Request

GET https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

301

HTTP Request

GET https://apis.google.com/js/rpc:shindig_random.js?onload=init

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

304

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

304

HTTP Request

GET https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=file%3A%2F%2F&url=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

301

HTTP Request

GET https://apis.google.com/js/rpc:shindig_random.js?onload=init

HTTP Response

304

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

HTTP Response

304
142.250.27.84:443

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

tls, http

IEXPLORE.EXE

3.4kB
11.1kB
16
22

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D8828316%26bpli%3D1&go=true

HTTP Response

302

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7565295%26bpli%3D1&go=true

HTTP Response

302

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

200

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

200
142.250.27.84:443

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&go=true

tls, http

IEXPLORE.EXE

3.4kB
11.3kB
16
21

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

200

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

HTTP Response

200

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D755927%26bpli%3D1&go=true

HTTP Response

302

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D3370392034129109115%26postID%3D705467570734950093%26blogspotRpcToken%3D7542222%26bpli%3D1&go=true

HTTP Response

302
216.58.201.110:80

developers.google.com

IEXPLORE.EXE

190 B
92 B
4
2
216.58.201.110:80

http://developers.google.com/

http

IEXPLORE.EXE

1.7kB
1.6kB
11
10

HTTP Request

GET http://developers.google.com/

HTTP Response

301

HTTP Request

GET http://developers.google.com/

HTTP Response

301

HTTP Request

GET http://developers.google.com/

HTTP Response

301

HTTP Request

GET http://developers.google.com/

HTTP Response

301
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

797 B
6.3kB
10
13
216.58.201.110:443

https://developers.google.com/

tls, http

IEXPLORE.EXE

2.0kB
42.3kB
30
38

HTTP Request

GET https://developers.google.com/

HTTP Response

200
172.217.169.3:443

ssl.gstatic.com

tls

IEXPLORE.EXE

752 B
4.8kB
10
9
172.217.169.3:443

https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

tls, http

IEXPLORE.EXE

3.4kB
11.8kB
16
15

HTTP Request

GET https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

HTTP Response

200

HTTP Request

GET https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

HTTP Response

304

HTTP Request

GET https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

HTTP Response

304

HTTP Request

GET https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js

HTTP Response

304
142.250.187.196:443

www.google.com

tls

IEXPLORE.EXE

751 B
4.8kB
10
10
142.250.187.196:443

https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

tls, http

IEXPLORE.EXE

3.7kB
57.3kB
33
47

HTTP Request

GET https://www.google.com/js/bg/iUFT4H_aD2n83E2qiJAm0eQnr0kH-RmNQ6xxrNG4yf8.js

HTTP Response

200

HTTP Request

GET https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

HTTP Response

200

HTTP Request

GET https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

HTTP Response

304

HTTP Request

GET https://www.google.com/js/bg/BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA.js

HTTP Response

304
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

610 B
544 B
7
7
216.58.201.110:443

https://developers.google.com/

tls, http

IEXPLORE.EXE

1.7kB
32.2kB
25
29

HTTP Request

GET https://developers.google.com/

HTTP Response

200
157.240.221.35:443

www.facebook.com

tls

IEXPLORE.EXE

753 B
3.7kB
10
9
157.240.221.35:443

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e324ee39e888c%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff3c2b413a84f05c%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

tls, http

IEXPLORE.EXE

3.9kB
17.1kB
17
18

HTTP Request

GET https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38294c04426758%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff1d5373a86b34fe%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10b2c1455c4dc6%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Fff4e24d4ac0d8f%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e26be0b8b08c2%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff31568e45b8edd%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

HTTP Response

200

HTTP Request

GET https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e324ee39e888c%26domain%3D%26is_canvas%3Dfalse%26origin%3Dfile%253A%252F%252F%252Ff3c2b413a84f05c%26relation%3Dparent.parent&color_scheme=light&container_width=0&font=&href=http%3A%2F%2Fyeppeo-x.blogspot.com%2F2017%2F02%2Fna-carne.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

HTTP Response

200
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

610 B
544 B
7
7
216.58.201.110:443

https://developers.google.com/

tls, http

IEXPLORE.EXE

1.2kB
17.3kB
14
18

HTTP Request

GET https://developers.google.com/

HTTP Response

200
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

610 B
544 B
7
7
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.6kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

779 B
7.6kB
9
12
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

606 B
540 B
7
7
216.58.201.110:443

https://developers.google.com/

tls, http

IEXPLORE.EXE

1.2kB
17.3kB
14
18

HTTP Request

GET https://developers.google.com/

HTTP Response

200
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

606 B
540 B
7
7
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

610 B
544 B
7
7
151.101.188.84:443

assets.pinterest.com

tls

IEXPLORE.EXE

610 B
544 B
7
7
216.58.201.110:443

developers.google.com

tls

IEXPLORE.EXE

429 B
311 B
4
4

8.8.8.8:53

yourjavascript.com

dns

IEXPLORE.EXE

64 B
96 B
1
1

DNS Request

yourjavascript.com

DNS Response

13.248.169.48

76.223.54.146
8.8.8.8:53

static.graddit.com

dns

IEXPLORE.EXE

64 B
80 B
1
1

DNS Request

static.graddit.com

DNS Response

165.227.71.229
8.8.8.8:53

www.blogger.com

dns

IEXPLORE.EXE

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.178.9
8.8.8.8:53

code.jquery.com

dns

IEXPLORE.EXE

61 B
125 B
1
1

DNS Request

code.jquery.com

DNS Response

151.101.2.137

151.101.194.137

151.101.130.137

151.101.66.137
8.8.8.8:53

1.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

1.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

4.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

4.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

resources.blogblog.com

dns

IEXPLORE.EXE

68 B
115 B
1
1

DNS Request

resources.blogblog.com

DNS Response

142.250.178.9
8.8.8.8:53

assets.pinterest.com

dns

IEXPLORE.EXE

66 B
226 B
1
1

DNS Request

assets.pinterest.com

DNS Response

151.101.188.84
8.8.8.8:53

3.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

lh4.ggpht.com

dns

IEXPLORE.EXE

59 B
120 B
1
1

DNS Request

lh4.ggpht.com

DNS Response

142.250.180.1
8.8.8.8:53

2.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

2.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

ajax.googleapis.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.234
8.8.8.8:53

connect.facebook.net

dns

IEXPLORE.EXE

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

163.70.151.21
8.8.8.8:53

apis.google.com

dns

IEXPLORE.EXE

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.200.14
8.8.8.8:53

www.9a9.red

dns

IEXPLORE.EXE

57 B
123 B
1
1

DNS Request

www.9a9.red
8.8.8.8:53

accounts.google.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.250.27.84
8.8.8.8:53

developers.google.com

dns

IEXPLORE.EXE

67 B
83 B
1
1

DNS Request

developers.google.com

DNS Response

216.58.201.110
8.8.8.8:53

ssl.gstatic.com

dns

IEXPLORE.EXE

61 B
77 B
1
1

DNS Request

ssl.gstatic.com

DNS Response

172.217.169.3
8.8.8.8:53

www.google.com

dns

IEXPLORE.EXE

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

www.facebook.com

dns

IEXPLORE.EXE

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
8.8.8.8:53

www.microsoft.com

dns

IEXPLORE.EXE

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

23.55.97.181

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
73210c9571cd1d327b4d942569a27298

SHA1
0033948c2ea80c218230631145abdb4db18d6d27

SHA256
7e68de8fa6df0738e1d4c513284625758c046890522f61dd4fda3a3f39c464b8

SHA512
56609054f515e54819e1ee4e54be803a35ef85b71976eb9394391c4f414c14e27e256e7402582e977f2b45fa4744ee02884674cfb5857a737c5031337f07c896

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
4dc8716b9d7daf2ddcc8552977e4d342

SHA1
0eb0e57a20b76d9119d4d5d6e9eacc62e6d4edba

SHA256
50d29eeca503e6db48a3d404b2bc82e08c619f7185bb9d1443860671c1f66576

SHA512
65572f6e74b7dedf6336bc2be9235baabadba18875b3856b0823242c81d2e9317e27040d342072b713f5a182b3abefe54605f687a0a5e37fe4052c4821d6e1be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
ee7c2d5bd0b6e20f673d436e2712e008

SHA1
30337dfd7a0c8245d4526b1fdab72a61b4ffac27

SHA256
0f65dc1a6e4177e6c8311961395651af316138b7cc97082e8c8b8bb032adc69a

SHA512
07208e6d1a56b695b101ab5dc08e1c2276689fdc3320f0c6331fc039eccb9df7f47c7a024181b2b775d347788617f14cc32748c65b25b3dec1c7f6399503c613

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bf9def9ae57351f90e3ae5095972fb35

SHA1
a0956a53a337d3f4ebf8909e5bcc8ef580880b4b

SHA256
e9090fb7193c66c2c3ec9344f992705268a4f2cfe629c3f308139d727c8be985

SHA512
b288c304a2d1b41838bcbecc5a22bc97821afd3fd71d5bc03d93913ecc8da5d53fdae4556238b2d4d07591f1bff40344213b86961f70a5f6d0587bc299ff84b7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d39628c50dee1bf84887b653ae3224c8

SHA1
2833aaf1ce3e957045f2db6b138abcaf1025822b

SHA256
1ce975f245a488ff08471d765b57f20653aab7af6e5f5a623c82c31481cb8f75

SHA512
98bcae6f0529f0e55497495dee20d629c57fc8af88786dde14edf51a73f7d8379add23a9b840ab1d54de36abfe1560b43b1e3515af5b5517cd81288299e85890

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e642a0c2ff94cdf463a5c5d86d1a1a67

SHA1
9dc39a9646f9a33f8b351eaa60faa8afde3e5230

SHA256
947d82e81cab3c1d25f591ec40e54e38076e91677d5cc32c75680ded63fb762d

SHA512
5f6b7d4328c8e799597ce3effe75631ffdce832934d881e9db8eacb11522faa928ba3a1b286701ff804a8d3a7f1c2df5d462c8637245d0477ff975e27c73867a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
75cf53009b652f568cf50a7ecc142b33

SHA1
fb0c697b25be428f1e7d711f5142b3e6930d3cca

SHA256
73489f3ac48c27596431990de88d15ca13c86e777a530008417ca5b307bdf64e

SHA512
a9dea6cf40694c47bfea5d620d972d674820be2733e7d46b358218cce7d47d7010d00e8bad428ac92dace9e87dce6c574266712a44ef4ac1e6c72ccfd820d027

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9ee58fe3bffbee9cbd2b19d2bf59ded5

SHA1
0cbf68df51f079cd039a72c4806f7e155ff06660

SHA256
d7c209cfc21fafd83b4d087acd377f41b7c2298342f3f555cc8da0c8353c365c

SHA512
29e1b185ab0e72b479ccbfa37182bee8b6ff0cc13ffdbdb596fa7260ac993a5e3e9f4b2beb2885f07ab74991082ed70ec5d61e9eaf3717cc48384ef014f8ac0f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4461d3dcc0db81ce4aae730e1ac411ab

SHA1
c9d77b4a8f7ca01ca57b5ec29aa98eeb91a99bb9

SHA256
7d475b3b3336e2a3268b3dd921f73d0c8601c90d6905bbd6697c9c17e4406e46

SHA512
a97f513e50e22018327e801319247d855344cbabe865e56decfbb57a2933b8219eed7597c1e42997ea9dbe01de2358a932aa9cd6a94b5e23d6599c8d694a4f9a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9d06cb1b3286f67b2c6761aa5c179185

SHA1
10c9e8c7ce1fbc0b1541569dff7e0154b6490d6c

SHA256
b5ce0e9e09368a38d0bad499d6c95d5bd9fd4de36ea41d473a0af10bcd9e95fa

SHA512
859a8915a5d6ebe00810c3509368df3f60389245d221b542dcc1c5a533caeec86895f3b4efb1ab4b10aeaf15572f95a6837ecbabd77040e16dd663c32685fea7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5b11b8ed1258233b1f88bf48aea7efd0

SHA1
f263796f74d2db63e8cbd15e1816c4f88a394861

SHA256
8e3b5ef4402551a4e03f68ce4d36b3660525e4188b13fa1a4c60a51d62409596

SHA512
2cc04ac5dc9425d5debe0034078a4e9631e1534737da605971ca48ac0b802e139b7c22287d298da4ac735a9ad0b0159aa4b46a7053b4d67e6e5d190d21a7e019

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7dadfd3cd01ce00d63488407db58473a

SHA1
f276229e0a5fdc463fa45670ed9e8c8342dcc144

SHA256
ba351d4e106504eebd54109d6ee94ea572991059fbe77fb9f9ced1d12e22f677

SHA512
ca42b5cfe481f75a72040419c8fc0ffd6bf211f46beed3392161e934ae7c6f2c525f54fe18e8196a6d81ac7437af7408d95151baa3edc33d859be77afbc0aae3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
bb2530305e8e553f0020e804d52cbdfa

SHA1
d611b76fa4cfccfe478e5f1fd35a3515d26d3eb3

SHA256
8a38359844f892332c6ad8113597d573e5b0b3d01b5e2ae92d85b43320ba68dc

SHA512
83da15d9d8910d0d083ae37634706ee28afec28a0c38052d8580b59719b63f5f0c42f6d2613ad9d5b3ce0086473dc3d32a285b690b1a25a44146f32005f142a8

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ee89ced4013d87d4a85283f1850aa0a7

SHA1
ac21c75747ae57a5e632f2360307a164910a905e

SHA256
26074df28e6284304807c9b6e1dbfb84c9d414a6870a0ec472746c88749fab84

SHA512
00aadf4eaf2e7274040de50ce5fb4d01522b18b2bbeadcb3458c3a969fe6c6b288144d5f5c842f3363dcc04d68a3b0e220b514956b0641c285393dde7de337f3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
639736755e5527d5a36516ff5037bdda

SHA1
298d2bf2e8a24010e89f4b413888d4bfe03aae37

SHA256
a4390c73f20296e5f9ce242e953b1593c6ec8ebecd8cdf82d79006fe4b408e53

SHA512
3cb6ac32499f39b037d3ed5e5e9f9dea12fd5ed9af28fb78460c5d8011b0a010aa4dc877347f04d80287a23af492270cc13d0f54f8761e4f8f05e87d1aa07591

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ce0cba1e1f22cdbb0497204e9ceb49df

SHA1
475f6722ce965a173472303839026c9abf17a40a

SHA256
94bee38336fcd492609c00d88220124607eb258ca58fcc6714a7f605d8a89035

SHA512
b0a63c1a791cf2e0341699a5c7d8e3cafbe2304391fee463ce12fa932e670411586f8a30cb2bfe5babf60aa0d801ad484901434734b460100eed96a5154dc802

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a5bcc101ff0b44ad5fb20baa8753c01

SHA1
a38e77ff44a79e168e82a51797ed11ec80105b63

SHA256
d9fe2502c57c8c232017f584008f53a8d47368ed8b351389f18bd0f17b0b7362

SHA512
f031f1d0c0b13905d4395d5a7a572887166b0a8bff159095d6ade9cd2d31b598ba17ed321a7b3ed033f83968cfa2e98fc87441f914581f138a16f1074671dc82

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9f3c7ce518506b9a5c2314a8fb6c4adb

SHA1
564320954f494a5fc9ead013d114504d8bf3e448

SHA256
e55114fb2f2cdbcd84525bbe97f119487c51fdc4d27c63f7ae63b7b39b1800a2

SHA512
90e34d7514a6c5302178cba78595bf8dd5c27b56a34dedfead72984040b7e8e67a38894f215a01b81ec2ac9fbf68c4e2ef657363441ab2b509e91c58d4a69aef

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fde857d459a8542a945eb02cac0387b4

SHA1
72d275c18160437fd7cebfdae158a695625867ce

SHA256
85539cbd291065fcb4d06424e879b2b66bce2fb0ff43ce2dceb8f65303125973

SHA512
d31153904977d69f866890730ff9c9a614a71c049c85c1b1992bb46fe94e232b991dae502c4a625d1965cc31f3aad71bf616eb94a2ad6ed53cae892c718fad7c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
eadd643b16dc5065ccdde85a34b2ad00

SHA1
0970407120e110c0f91a001b5512f2646c81fb69

SHA256
1a7edde810cc257628aaa293920792275249d406ad8b388fdebda5a8cd79c2ca

SHA512
ff5e0ce54bda502a5705d78c61e6a3909d5c71686d82c71c19e01f417e4b5927b832833e324c5554ead6e00365e76ea059ad21bd69b9d7a43cb814e1f462a93f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
06a9a38096a8909e4997d83d2fdf8442

SHA1
b34be3262932798f41d69d02f8bb5b2043ea1703

SHA256
eaa33de1386e08563a13b1c33a3131824770bd7a8385b6fe4b67f3523bd10f46

SHA512
d51801edc121cf16f149f092f4bd964ac403a88af6ee987b6d5ae6f51dc1eb282c3f67bfa851404fabea5207bff0d3db5a42a66d23262fc0066bad02dcdda117

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0dab737e4e451b69f517f3f7a8fcdc28

SHA1
08058341a85b94623a0318eaea83a517a4e14bda

SHA256
eaaf894158237170b276777f41cea390c7f783ab6b1db72a7f5052922a3ebeeb

SHA512
c368665c8da72a3e56caa2a3773f0c2f76d898e3a4bfed1ab4bdca191c53d8dd8216bf228b1c4f4aa993d933b8f77d5d37e7d83455fec08013b2a12745187121

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b432fae8bf35e8a2c0f392ea8c6579c4

SHA1
41b2c1b178eeee1dbbea1cf4b8f407bad69c9dae

SHA256
a38febdd0e6da8cfae0a3a8dbc113cafed09a690800924bf9263184fa87ddcbb

SHA512
93e4d52695086107c751b12b8d16e7b2edc2739d5d7c5479a02875e97ec4e7ce11c47cac5648a766292d87e4a9a282af2f1525d1dd399b9b8ef978115877ea42

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c1fdae92bfb57a36a468e6c4dda49528

SHA1
93485fb4a03d6f7b7b3498124d62e6aa5fdfbc99

SHA256
979b64849130850fab84a67896d9a3910451d3b7acee89d7b884879db27d5526

SHA512
0110d0c9b857857eae03e2e97e6c48371d36bca117753a7d6b306222673ed0d4b640aca9f64aef0e53e38d755f8811fd5884d94f6ecf6223f4ec764f3dbb87a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
f44c87274fe8686ad10029d9eea6a908

SHA1
b2f465c7e6cb1346da14158a67d9589f98540cb5

SHA256
bcc3d19ef0794119854dffa3bc04c336bde330c37784b60b81e61c93bb5b605b

SHA512
0da5e8bad1c30689f78fb62884147a673c655c38afc9fcd46ea08d254e4b1df25296528859f5df21c2f76b0e132ad62f4f3f1c8911f8665e0b086df587e6bfc4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\BzUccsIfTkwPuPZ8dcMtoDvUPNEJjYgaRD1-U7LR4xA[1].js

Filesize
53KB

MD5
f169fb56d2583000a55c26b60eb1df81

SHA1
1ed145f6e36a4244d638802e5595fff62ec08058

SHA256
07351c72c21f4e4c0fb8f67c75c32da03bd43cd1098d881a443d7e53b2d1e310

SHA512
1f13653f4542078ef91ec0824458f9274630a90ec897534761fcab3aae4d4cd8500227033a1d4a79533b99ea43b631828d94f24196af30ea56e79b956964fca0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\ITX4B20R.htm

Filesize
84KB

MD5
9a6f55c632c724cfa9f1fef7e1e10942

SHA1
ec285a505ea631c9f5f4c76a45e9b1433f070c32

SHA256
ca9dc07abcb22b9221538060c5c732fe0a024a8cade9cdac58466a53456b212f

SHA512
6d8bdfc753f921c03d872d667b3458277c5acbc60e1184a1a498c6080132db535e9bddc73e3ff87528b515a5b97056e5dcf897d703497f3bf897c3a60fbd457e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\cb=gapi[1].js

Filesize
66KB

MD5
0fe383a7ddb9bbaefc3105b3297f5583

SHA1
f80c9d789f251909c7560bd91a9e1b9a10c26362

SHA256
d7ad4aad4e48174c30ef21fc32c9380659d2c99a5c39680e10ed9752139d8683

SHA512
31de1f59377bc76e5d602d02273867ce750bbbccb7edc8f2803c0188002ecae6752ac3ec31c2108e64b0d871b01e6a8a06711969dc68bd9823303def0e7c1ee4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\css[1].css

Filesize
199B

MD5
3187b9d4ff2216aa2bd4bae3619088d8

SHA1
ae776868e2c0027c4527022724f5d59b05da6c66

SHA256
a183f0787e54c8fec34bc4fd2a3c41f10c5f45a8f3510cdf6316bdb3e5215034

SHA512
c2eb02ce0a2a40f1c61621dc6b42e7ad7659e829c3a8f12b7bee2f463c31e868d59c6a0e01c30e864080caaec77098efc47b331863f1193bd637c88cfe8c7d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\errorPageStrings[1]

Filesize
2KB

MD5
e3e4a98353f119b80b323302f26b78fa

SHA1
20ee35a370cdd3a8a7d04b506410300fd0a6a864

SHA256
9466d620dc57835a2475f8f71e304f54aee7160e134ba160baae0f19e5e71e66

SHA512
d8e4d73c76804a5abebd5dbc3a86dcdb6e73107b873175a8de67332c113fb7c4899890bf7972e467866fa4cd100a7e2a10a770e5a9c41cbf23b54351b771dcee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\fastbutton[2].htm

Filesize
226B

MD5
4df07581948280a6e769a24c5d99d775

SHA1
843a2c95362347eb8894a6acb607f139be65ded4

SHA256
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73

SHA512
bfe455150379d9ec4303659ac16a5082e093ed248fa9d75276bda05287d8bd51c43aab5896826ca55ffee88dce281df359fed6d38395ac3e7cdb7b68c2d35e4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8Q1DZR\rpc_shindig_random[1].js

Filesize
14KB

MD5
6a90a8e611705b6e5953757cc549ce8c

SHA1
3e7416db7afe4cfdf3980daba308df560b4bede6

SHA256
51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679

SHA512
583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\2621646369-cmtfp[1].css

Filesize
13KB

MD5
9f212334462c2e699353dc8988690a19

SHA1
2e25d1abe33ec5ebf10e0a6b055e38c9671802a2

SHA256
2529a8451bea93302e41dc0fad03f7550094f4ef5ec4f3800f28c2639d5e2789

SHA512
58e906a50f8b654e79b242f1323dcb08773937f723d01caca4f675ce2091eb20caf2fce23a7a15443fa4a6643716662304d83b95ac7b7b64d588168b47ce9407

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\457480341-comment_from_post_iframe[1].js

Filesize
11KB

MD5
21f67dc65a7b6ea50d7bec6fa95c4150

SHA1
8043a233b33eb10485e87804f431c10af938c8d3

SHA256
5d72290d51d8fbc626cf8a5661aae06f44b30cad885bb1ae2a7f9024a0b9febe

SHA512
bf4260d0b5c0e264d6ea68f6ff20781905dd790376234e50996dd47e8e0c0afdf5462286e004d9d7813cafe1ef3242fdd5ddc48694a5e6dbd38b9e8588d4fefc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\482958267-cmt__en_gb[1].js

Filesize
98KB

MD5
ae132f848293b0e2645796330d17ff16

SHA1
d41ac4f3738d86ad5c0d3501814a340ea4d46f6a

SHA256
f5a6fbf4bcf27de3ad931311f9774eeed60d2acde851bd2460232e7e5db96864

SHA512
b92bf5f1b908daf819b38735691f86e8a7243e12ee09f671e32c1173052d9851d2e271510edb6597ee752790b0da854ac8887ef86625d6577f0832c8168ad557

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\BngRUXNadjH0qYEzV7ab-oWlsbCGwRs[1].woff

Filesize
42KB

MD5
eed6edd3682ea4dad7d42e43648b490a

SHA1
3c16df451896fe5f0263d27bb1e44cffbd86ee41

SHA256
fd3b97c19b90a1981c6851327e8289243e44383a4fdd8e45353214867eb5b5e4

SHA512
79e44f268beca9e61506e12fdd1733c6e822e90020e1118a0fa325bf09682a7b41dd9d17533e41c85014e63fcbe8c65225224a6fc63495617e0b14d639c1b973

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw[1].woff

Filesize
15KB

MD5
57a8f14ba2567b39ba4013db835af389

SHA1
101b638945cbb93990c70eac567cbc060c573cc1

SHA256
7210e1fc5e0b71011f6d821fce7aa459b4c2452af3fc4dc0f493abda10fd13a2

SHA512
57ab3b386ad8487341a9767c099dd209523fc4b571efa74cdff4b8ea85a7c452da90e8f10406f17dab5f74dc64750a6cc0dbcea830169ffac37458a7abbab8a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\cb=gapi[2].js

Filesize
99KB

MD5
59e7715983f1a5c4cdde2c76b015e21e

SHA1
0c9035da67e550e458c053e562f3781e0520e182

SHA256
85454302a9280ba5160a95772914c07adda5b464d74a354f13540f9ad5127aec

SHA512
449d9ea80695a0c96d501b7d5a98328eabca18576770572b472fac7553723bcc4d55561f980f6bd4abb7d173a8d5525ea1abce92fd794c92ae36edd2aa12e522

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\jquery-2.2.3[1].js

Filesize
252KB

MD5
aacc43d6f308fa362ac85e3f4fb2b30c

SHA1
09b2fbec3c6e662be486da501a913d4b93ad39eb

SHA256
95a5d6b46c9da70a89f0903e5fdc769a2c266a22a19fcb5598e5448a044db4fe

SHA512
c535148b1cf98ae0569ea06233ecc7a5fa3253a803a44967286fd0700d52c4bbf2fe3b5f5c406330abca012c50769fde9a9a9f24559ccd0d92f5ca2d94a5d3ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPR7YYBV\jquery.min[1].js

Filesize
89KB

MD5
a1a8cb16a060f6280a767187fd22e037

SHA1
7622c9ac2335be6dcd3ab8b47132e94089cef931

SHA256
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

SHA512
252476e9f94a6db579e14cdf1197555e856e6b80dbcd78c46b9345ce6605a1cd69da0dab2a4c475b51d2103404d2c61acd18490e005d625eca06afe4d75c8a6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UA1HZF3D\3604799710-postmessagerelay[1].js

Filesize
11KB

MD5
40aaadf2a7451d276b940cddefb2d0ed

SHA1
b2fc8129a4f5e5a0c8cb631218f40a4230444d9e

SHA256
4b515a19e688085b55f51f1eda7bc3e51404e8f59b64652e094994baf7be28f2

SHA512
6f66544481257ff36cda85da81960a848ebcf86c2eb7bbe685c9b6a0e91bca9fc9879c4844315c90afd9158f1d54398f0f1d650d50204e77692e48b39a038d50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\2549344219-widget_css_bundle[1].css

Filesize
30KB

MD5
1262fb3b6c8a66bb33af5bb8de15a59a

SHA1
7ce924780c5287c5dd8dbeae4e712775ea1f83f9

SHA256
d539a910089008f073b426d44a496f1952ba01b9ff018425c18d21bea42aa128

SHA512
59e35343fe3288bec0d002d1a321bff62d70ebfda1f06c73771bffeb8d1c60824fdce39ad3437db9de5df4f08e7f4322611efbbdfecd3292706d244909c61386

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\all[1].js

Filesize
3KB

MD5
f10e16f28c334b93f62fdb1f9f8fa151

SHA1
030816b2a31aacb03b27da7140c3aea28351fac1

SHA256
a2e76a820f36300752da2433a5e280fb6f33e8ada6d06e603c5efac30b4d37ed

SHA512
166c746a48357c73d92daf34bcea8e7385a8443766eb7660e97962015ef78d21e41416e566d8e21e629f508ce1a1e27a87a4e68b1dc8700bfb95d027c3005a82

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\all[2].js

Filesize
306KB

MD5
532debcdc4e77108cb8aac01244ec756

SHA1
0d5718f23230eead7a92c5dadbcd5f1a6f2f4eb9

SHA256
42950142ae4dc0dff2f4c8278d5b966c298bdec31c27c0e9a82b93bb30580278

SHA512
731ecf1b71f32571f6638eae312b190112162f0fb3b3b5753cac0fc5d2d92801e30c4aec601e6a726b0eb1779e28d1edda1523aaf24410763022cb3fe11fbd1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\css[2].css

Filesize
192B

MD5
cb39a89917eec0f680f2d31bc9fda9ff

SHA1
c8574e4f5a6be55eaa110fa16c01b4695441628f

SHA256
63b9e7deee11b4ff0dc967aa0c0cdf89b0c9b3094118d1102f7507556e63a08e

SHA512
dc4442a2ff2626988a48e549da8b151d6cec94c813a4b0f6030536f8afde0846b89a49bdad6330649b07c5efe7926544e90f94f7db0bb3b42ecdbb7bff738953

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\httpErrorPagesScripts[2]

Filesize
8KB

MD5
3f57b781cb3ef114dd0b665151571b7b

SHA1
ce6a63f996df3a1cccb81720e21204b825e0238c

SHA256
46e019fa34465f4ed096a9665d1827b54553931ad82e98be01edb1ddbc94d3ad

SHA512
8cbf4ef582332ae7ea605f910ad6f8a4bc28513482409fa84f08943a72cac2cf0fa32b6af4c20c697e1fac2c5ba16b5a64a23af0c11eefbf69625b8f9f90c8fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\jquery.easing[1].htm

Filesize
114B

MD5
e89f75f918dbdcee28604d4e09dd71d7

SHA1
f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

SHA256
6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

SHA512
8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\pinit[1].js

Filesize
361B

MD5
9e724ccab52ce087d92250b1e06ef0ee

SHA1
8000043a1fb8735345f8b27c65b85331099aed8d

SHA256
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

SHA512
ff880120b2087757cf3d0d0333b7a83240d35fe9af7420477f9bc9684ade59f6e3c94bca0f608a12c594282143a2ccf50b33be20b70aa8c1aa818dd499050473

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VIF0OH2A\plusone[1].js

Filesize
54KB

MD5
53e032294d7b74dc7c3e47b03a045d1a

SHA1
f462da8a8f40b78d570a665668ba8d1a834960c2

SHA256
8076b082eadf0cab4a8823dbd7628a0b44f174c17b3221221c0e31e7c60307a2

SHA512
fe263fe86aea2ba1b86d86305650cdeee45cd1f7b4339f9d4fb81db776b78abedccd0ae77262f45d579751daa26f81385354b3d126fdb5577036e9dd1db33276

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab1E7B.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1FBA.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request