Analysis

  • max time kernel
    130s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    16-06-2024 10:33

General

  • Target

    b30cb754b2a2f18e3bfc1832738968dd_JaffaCakes118.html

  • Size

    156KB

  • MD5

    b30cb754b2a2f18e3bfc1832738968dd

  • SHA1

    609c5494c63b2ebf20c884c0f1ffcc88adf691e1

  • SHA256

    85be0b7154aec76b554d8e5fd3a4919e60104a31b97ca38e959025b0900776ea

  • SHA512

    1d64a9fcd4624352693c2c256d08614b1099c701e2c317a447187a244a7093f479230016028848bda1c909a5ddf77f794ff049d678bdb7a3b23c95274f38a897

  • SSDEEP

    3072:DFTSF3B2UP13G4k5QhLpOatVrPmz/fNbYaaLStR/ikNy3ZScxWUu/v66sbsGon4g:52N3G4k5QhL8atVefNbYaaLStR5MxWUY

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\b30cb754b2a2f18e3bfc1832738968dd_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1420
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1420 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:3004

Network

  • flag-us
    DNS
    ajax.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ajax.googleapis.com
    IN A
    Response
    ajax.googleapis.com
    IN A
    142.250.180.10
  • flag-us
    DNS
    www.blogger.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.blogger.com
    IN A
    Response
    www.blogger.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.178.9
  • flag-us
    DNS
    resources.blogblog.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    resources.blogblog.com
    IN A
    Response
    resources.blogblog.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.178.9
  • flag-us
    DNS
    cache.filehippo.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    cache.filehippo.com
    IN A
    Response
    cache.filehippo.com
    IN A
    35.233.77.94
  • flag-us
    DNS
    platform.twitter.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    platform.twitter.com
    IN A
    Response
    platform.twitter.com
    IN CNAME
    cs472.wac.edgecastcdn.net
    cs472.wac.edgecastcdn.net
    IN CNAME
    cs1-apr-8315.wac.edgecastcdn.net
    cs1-apr-8315.wac.edgecastcdn.net
    IN CNAME
    wac.apr-8315.edgecastdns.net
    wac.apr-8315.edgecastdns.net
    IN CNAME
    cs1-lb-eu.8315.ecdns.net
    cs1-lb-eu.8315.ecdns.net
    IN CNAME
    cs41.wac.edgecastcdn.net
    cs41.wac.edgecastcdn.net
    IN A
    93.184.220.66
  • flag-us
    DNS
    static.addtoany.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.addtoany.com
    IN A
    Response
    static.addtoany.com
    IN A
    104.22.70.197
    static.addtoany.com
    IN A
    104.22.71.197
    static.addtoany.com
    IN A
    172.67.39.148
  • flag-us
    DNS
    3.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    3.bp.blogspot.com
    IN A
    Response
    3.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.180.1
  • flag-us
    DNS
    lh4.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh4.googleusercontent.com
    IN A
    Response
    lh4.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    2.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    2.bp.blogspot.com
    IN A
    Response
    2.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.180.1
  • flag-us
    DNS
    4.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    4.bp.blogspot.com
    IN A
    Response
    4.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.180.1
  • flag-us
    DNS
    1.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    1.bp.blogspot.com
    IN A
    Response
    1.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    142.250.180.1
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 6822
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:25:55 GMT
    Expires: Mon, 16 Jun 2025 00:25:55 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Fri, 12 Jun 2020 07:20:00 GMT
    Content-Type: text/css
    Vary: Accept-Encoding
    Age: 36450
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/img/cmt/close.gif
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /img/cmt/close.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Cookie: S=blogger=zuYqzTKtqXWLpaASn6UiXf5-XLnjSdaiyURuNzOVvxg
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 347
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 18:15:23 GMT
    Expires: Sat, 22 Jun 2024 18:15:23 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Sat, 15 Jun 2024 17:50:19 GMT
    Content-Type: image/gif
    Age: 58684
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/1281339923-widgets.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/widgets/1281339923-widgets.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 53172
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 02:37:41 GMT
    Expires: Mon, 16 Jun 2025 02:37:41 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 13 Nov 2019 22:27:01 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 28544
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/html; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: S=blogger=zuYqzTKtqXWLpaASn6UiXf5-XLnjSdaiyURuNzOVvxg; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Cookie: S=blogger=zuYqzTKtqXWLpaASn6UiXf5-XLnjSdaiyURuNzOVvxg
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 3701
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 20:47:21 GMT
    Expires: Sun, 15 Jun 2025 20:47:21 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Sat, 15 Jun 2024 19:54:03 GMT
    Content-Type: text/css
    Vary: Accept-Encoding
    Age: 49566
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
    IEXPLORE.EXE
    Remote address:
    142.250.180.10:443
    Request
    GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 33593
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:16:15 GMT
    Expires: Mon, 16 Jun 2025 00:16:15 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 37030
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-be
    GET
    http://cache.filehippo.com/img/ex/451__abiWord1.png
    IEXPLORE.EXE
    Remote address:
    35.233.77.94:80
    Request
    GET /img/ex/451__abiWord1.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: cache.filehippo.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 308 Permanent Redirect
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Content-Type: text/html
    Content-Length: 164
    Connection: keep-alive
    Location: https://cache.filehippo.com/img/ex/451__abiWord1.png
  • flag-gb
    GET
    https://www.blogger.com/static/v1/jsbin/3962873971-comment_from_post_iframe.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/jsbin/3962873971-comment_from_post_iframe.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 4512
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 01:58:49 GMT
    Expires: Mon, 16 Jun 2025 01:58:49 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 02 Dec 2019 19:25:17 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 30876
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7307659999195046705&zx=ae39caba-6a96-469b-99c8-73e6e811d3d1
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /dyn-css/authorization.css?targetBlogID=7307659999195046705&zx=ae39caba-6a96-469b-99c8-73e6e811d3d1 HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/css; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 16 Jun 2024 10:33:25 GMT
    Last-Modified: Sun, 16 Jun 2024 10:33:25 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.blogger.com/static/v1/jsbin/1697667608-cmt.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /static/v1/jsbin/1697667608-cmt.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Cookie: S=blogger=zuYqzTKtqXWLpaASn6UiXf5-XLnjSdaiyURuNzOVvxg
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 34710
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:35:43 GMT
    Expires: Mon, 16 Jun 2025 00:35:43 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Thu, 13 Jun 2024 06:06:40 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 35864
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek HTTP/1.1
    Accept: */*
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1#%7B%22color%22%3A%22rgb(0%2C%200%2C%200)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(52%2C%20152%2C%20219)%22%2C%22fontFamily%22%3A%22%5C%22Roboto_Regular%5C%22%2C%20%5C%22Roboto%5C%22%2C%20%5C%22Roboto%20Regular%5C%22%2C%20%5C%22Franklin%20Gothic%20Medium%5C%22%2C%20%5C%22Franklin%20Gothic%20Book%5C%22%2C%20%5C%22Lucida%20Sans%5C%22%2C%20%5C%22Lucida%20Sans%20Unicode%5C%22%2C%20%5C%22Helmet%2CFreesans%5C%22%2C%20%5C%22Sans-Serif%5C%22%22%7D
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.blogger.com
    Connection: Keep-Alive
    Cookie: S=blogger=zuYqzTKtqXWLpaASn6UiXf5-XLnjSdaiyURuNzOVvxg
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/javascript; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 16 Jun 2024 10:33:28 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    GET
    http://static.addtoany.com/menu/page.js
    IEXPLORE.EXE
    Remote address:
    104.22.70.197:80
    Request
    GET /menu/page.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.addtoany.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Content-Type: text/html
    Content-Length: 167
    Connection: keep-alive
    Cache-Control: max-age=3600
    Expires: Sun, 16 Jun 2024 11:33:24 GMT
    Location: https://static.addtoany.com/menu/page.js
    Vary: Accept-Encoding
    X-Content-Type-Options: nosniff
    Server: cloudflare
    CF-RAY: 894a24367be69719-AMS
    alt-svc: h3=":443"; ma=86400
  • flag-gb
    GET
    http://2.bp.blogspot.com/-MjwypLkkJik/UdfYV87_ChI/AAAAAAAAAZs/0YS9W0rLJYs/w72-h72-p-k-no-nu/Diet+MP3.png
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-MjwypLkkJik/UdfYV87_ChI/AAAAAAAAAZs/0YS9W0rLJYs/w72-h72-p-k-no-nu/Diet+MP3.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="Diet MP3.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 10899
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v19c"
    Content-Type: image/png
    Vary: Origin
    Age: 0
  • flag-gb
    GET
    http://2.bp.blogspot.com/-ziR1vJXzO9Y/UZpBJ5vQyGI/AAAAAAAAAOY/TbwAt-lBjnE/w72-h72-p-k-no-nu/movi+creator.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-ziR1vJXzO9Y/UZpBJ5vQyGI/AAAAAAAAAOY/TbwAt-lBjnE/w72-h72-p-k-no-nu/movi+creator.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="movi creator.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3113
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "ve6"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
  • flag-gb
    GET
    http://2.bp.blogspot.com/-iSx56Yp8o28/U76sWfze3DI/AAAAAAAAAZk/vAMnDn3dm0E/user.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-iSx56Yp8o28/U76sWfze3DI/AAAAAAAAAZk/vAMnDn3dm0E/user.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="user.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 4066
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Expires: Mon, 17 Jun 2024 10:33:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v807"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/-RfqN9Hj4Big/Uc5thNT9_fI/AAAAAAAAAXM/8NjyMURhcwg/w72-h72-p-k-no-nu/software-sms-broadcast.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-RfqN9Hj4Big/Uc5thNT9_fI/AAAAAAAAAXM/8NjyMURhcwg/w72-h72-p-k-no-nu/software-sms-broadcast.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="software-sms-broadcast.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3314
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v174"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
  • flag-gb
    GET
    https://1.bp.blogspot.com/-G-ESOOfFPyI/Wce0IIxhfdI/AAAAAAAAGVs/BwHPBi7alX0pNEtC-o974z3BMS3E-R5egCPcBGAYYCw/s320/BANER%2BHP.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:443
    Request
    GET /-G-ESOOfFPyI/Wce0IIxhfdI/AAAAAAAAGVs/BwHPBi7alX0pNEtC-o974z3BMS3E-R5egCPcBGAYYCw/s320/BANER%2BHP.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="BANER HP.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 38941
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:25 GMT
    Expires: Mon, 17 Jun 2024 10:33:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v195b"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    http://2.bp.blogspot.com/-0yDPFw1Ipx8/UuDAA4BHOhI/AAAAAAAABJQ/p3pfgJwAvfM/w72-h72-p-k-no-nu/game+dewasa+seks+virtual.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-0yDPFw1Ipx8/UuDAA4BHOhI/AAAAAAAABJQ/p3pfgJwAvfM/w72-h72-p-k-no-nu/game+dewasa+seks+virtual.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="game dewasa seks virtual.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3915
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v495"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
  • flag-gb
    GET
    http://1.bp.blogspot.com/-hbx6jkvHjuM/UV9NDnHabYI/AAAAAAAAAD0/FBdLgrvV6FQ/w72-h72-p-k-no-nu/win7codecs110final+copy.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-hbx6jkvHjuM/UV9NDnHabYI/AAAAAAAAAD0/FBdLgrvV6FQ/w72-h72-p-k-no-nu/win7codecs110final+copy.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v3e"
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="win7codecs110final copy.jpg"
    X-Content-Type-Options: nosniff
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Server: fife
    Content-Length: 3071
    X-XSS-Protection: 0
  • flag-pl
    GET
    http://platform.twitter.com/widgets.js
    IEXPLORE.EXE
    Remote address:
    93.184.220.66:80
    Request
    GET /widgets.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: platform.twitter.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Encoding: gzip
    Access-Control-Allow-Methods: GET
    Access-Control-Allow-Origin: *
    Access-Control-Max-Age: 3000
    Age: 1058
    Cache-Control: public, max-age=1800
    Content-Type: application/javascript; charset=utf-8
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
    Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
    P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
    Server: ECS (frb/67D3)
    Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
    Vary: Accept-Encoding
    x-amz-server-side-encryption: AES256
    X-Cache: HIT
    x-tw-cdn: VZ
    Content-Length: 27597
  • flag-gb
    GET
    http://3.bp.blogspot.com/-jhqnzWvo0nc/T98XbKrLflI/AAAAAAAAAZo/r3vvCQiLcYI/w72-h72-p-k-no-nu/ps1-horz.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-jhqnzWvo0nc/T98XbKrLflI/AAAAAAAAAZo/r3vvCQiLcYI/w72-h72-p-k-no-nu/ps1-horz.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v19a"
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="ps1-horz.jpg"
    X-Content-Type-Options: nosniff
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Server: fife
    Content-Length: 4680
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="icnall.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 1136
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 08:06:44 GMT
    Expires: Mon, 17 Jun 2024 08:06:44 GMT
    Cache-Control: public, max-age=86400, no-transform
    Age: 8802
    ETag: "v1694"
    Content-Type: image/png
    Vary: Origin
  • flag-gb
    GET
    https://resources.blogblog.com/img/icon18_wrench_allbkg.png
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /img/icon18_wrench_allbkg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: resources.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 475
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 18:39:28 GMT
    Expires: Sat, 22 Jun 2024 18:39:28 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Sat, 15 Jun 2024 11:53:09 GMT
    Content-Type: image/png
    Age: 57237
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://resources.blogblog.com/img/blank.gif
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /img/blank.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: resources.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 43
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 18:43:00 GMT
    Expires: Sat, 22 Jun 2024 18:43:00 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Sat, 15 Jun 2024 12:54:49 GMT
    Content-Type: image/gif
    Age: 57027
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://resources.blogblog.com/img/anon36.png
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:443
    Request
    GET /img/anon36.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: resources.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 1654
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 18:35:29 GMT
    Expires: Sat, 22 Jun 2024 18:35:29 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 14 Jun 2024 23:55:09 GMT
    Content-Type: image/png
    Age: 57479
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh4.googleusercontent.com/proxy/GWGyTaNEosAxFGRuVzjD6EYmQe5SHqER46yMmJ3GZ0Vu78WnyfwhvevitHQL6JDe0STl6K981--luf4Jy0B5fio5GPNUBKT2nRqVJBJx=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /proxy/GWGyTaNEosAxFGRuVzjD6EYmQe5SHqER46yMmJ3GZ0Vu78WnyfwhvevitHQL6JDe0STl6K981--luf4Jy0B5fio5GPNUBKT2nRqVJBJx=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh4.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 16 Jun 2024 10:33:25 GMT
    Server: fife
    Content-Length: 1689
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    http://4.bp.blogspot.com/-jniNtC-3r-E/UY0K_oDCViI/AAAAAAAAALo/iJ3YT-9QwSI/w72-h72-p-k-no-nu/logsim.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-jniNtC-3r-E/UY0K_oDCViI/AAAAAAAAALo/iJ3YT-9QwSI/w72-h72-p-k-no-nu/logsim.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="logsim.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3293
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "vba"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/-v6LKb327dL0/UWF_dxz5SvI/AAAAAAAAAEk/VCChg_l8QS4/w72-h72-p-k-no-nu/Mas+Paper.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-v6LKb327dL0/UWF_dxz5SvI/AAAAAAAAAEk/VCChg_l8QS4/w72-h72-p-k-no-nu/Mas+Paper.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v4a"
    Expires: Mon, 17 Jun 2024 10:33:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Mas Paper.jpg"
    X-Content-Type-Options: nosniff
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Server: fife
    Content-Length: 3953
    X-XSS-Protection: 0
  • flag-gb
    GET
    http://4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
    IEXPLORE.EXE
    Remote address:
    142.250.180.1:80
    Request
    GET /-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="homes.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 571
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:05:19 GMT
    Expires: Mon, 17 Jun 2024 10:05:19 GMT
    Cache-Control: public, max-age=86400, no-transform
    Age: 1687
    ETag: "v194"
    Content-Type: image/png
    Vary: Origin
  • flag-us
    GET
    https://static.addtoany.com/menu/page.js
    IEXPLORE.EXE
    Remote address:
    104.22.70.197:443
    Request
    GET /menu/page.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.addtoany.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 16 Jun 2024 10:33:25 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=86400, stale-while-revalidate=30, public
    Cf-Bgj: minify
    ETag: W/"e346c2841e4abbb66ee259e9540abb61"
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilquHBfZwe112MG4lxQJaE1Bl%2F1Semnk9Mh%2BEbXe%2BDx%2BybVbsR4Q5Zk%2F9rOUWhdZ26RQjEtVIN10UNSWhZnKMUDc0iQddFAiLQn431iW1y0ENRlR2c%2FMXDQ7dgMGnGMUgYp3CKA9"}],"group":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    CF-Cache-Status: HIT
    Age: 11798
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    Server: cloudflare
    CF-RAY: 894a243fa85e9f8d-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://static.addtoany.com/menu/sm.25.html
    IEXPLORE.EXE
    Remote address:
    104.22.70.197:443
    Request
    GET /menu/sm.25.html HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.addtoany.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=315360000, immutable
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSeivxXBn8S26LGjslhMi1BIR6MwRd1IOK%2BhrD%2B05RDOl%2FihCgx8zfqtRDd8YzhEqgmJHNDdyQDqdvBIBht82qzh4Zw8vj8EFWvJKOcpbqEcL4J6Z1WH13zWEiUKzgsUa09ueVyX4uf%2B%2BRo%2FBpUFaZzD"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    CF-Cache-Status: HIT
    Age: 28782
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    Server: cloudflare
    CF-RAY: 894a2442cc469f8d-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://static.addtoany.com/menu/eso.BRQnzO8v.js
    IEXPLORE.EXE
    Remote address:
    104.22.70.197:443
    Request
    GET /menu/eso.BRQnzO8v.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.addtoany.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Content-Type: application/javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=315360000, immutable
    Cf-Bgj: minify
    ETag: W/"93c41722448d9f615d5594fdaa7bb9e0"
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fkg9HRNYozpB0nTauPho176lVXjyp2EEFOCKZmW0EzkRZnFH6TvBBPjB2tVthzkcrYcENE0%2BPDy3bYeEr43CJyF9qBMWD7PQ%2FEjVNhKrb6TDxQMIVtVG7rqkkT0wMn38HiNCrUR0"}],"group":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    CF-Cache-Status: HIT
    Age: 25326
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    Server: cloudflare
    CF-RAY: 894a24442df69f8d-AMS
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    DNS
    pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    pki.goog
    IN A
    Response
    pki.goog
    IN A
    216.239.32.29
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:22:57 GMT
    Expires: Sun, 16 Jun 2024 11:12:57 GMT
    Cache-Control: public, max-age=3000
    Age: 627
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:22:57 GMT
    Expires: Sun, 16 Jun 2024 11:12:57 GMT
    Cache-Control: public, max-age=3000
    Age: 627
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:22:57 GMT
    Expires: Sun, 16 Jun 2024 11:12:57 GMT
    Cache-Control: public, max-age=3000
    Age: 627
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:22:57 GMT
    Expires: Sun, 16 Jun 2024 11:12:57 GMT
    Cache-Control: public, max-age=3000
    Age: 627
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    GET
    http://pki.goog/gsr1/gsr1.crt
    IEXPLORE.EXE
    Remote address:
    216.239.32.29:80
    Request
    GET /gsr1/gsr1.crt HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 889
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 10:07:22 GMT
    Expires: Sun, 16 Jun 2024 10:57:22 GMT
    Cache-Control: public, max-age=3000
    Age: 1562
    Last-Modified: Wed, 20 May 2020 16:45:00 GMT
    Content-Type: application/pkix-cert
    Vary: Accept-Encoding
  • flag-us
    DNS
    apps.identrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apps.identrust.com
    IN A
    Response
    apps.identrust.com
    IN CNAME
    identrust.edgesuite.net
    identrust.edgesuite.net
    IN CNAME
    a1952.dscq.akamai.net
    a1952.dscq.akamai.net
    IN A
    23.14.90.91
    a1952.dscq.akamai.net
    IN A
    23.14.90.73
  • flag-be
    GET
    http://apps.identrust.com/roots/dstrootcax3.p7c
    IEXPLORE.EXE
    Remote address:
    23.14.90.91:80
    Request
    GET /roots/dstrootcax3.p7c HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: apps.identrust.com
    Response
    HTTP/1.1 200 OK
    X-XSS-Protection: 1; mode=block
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    X-Robots-Tag: noindex
    Referrer-Policy: same-origin
    Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
    ETag: "37d-6079b8c0929c0"
    Accept-Ranges: bytes
    Content-Length: 893
    X-Content-Type-Options: nosniff
    X-Frame-Options: sameorigin
    Content-Type: application/pkcs7-mime
    Cache-Control: max-age=3600
    Expires: Sun, 16 Jun 2024 11:33:24 GMT
    Date: Sun, 16 Jun 2024 10:33:24 GMT
    Connection: keep-alive
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    23.34.233.128
  • flag-us
    DNS
    x2.c.lencr.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    x2.c.lencr.org
    IN A
    Response
    x2.c.lencr.org
    IN CNAME
    crl.root-x1.letsencrypt.org.edgekey.net
    crl.root-x1.letsencrypt.org.edgekey.net
    IN CNAME
    e8652.dscx.akamaiedge.net
    e8652.dscx.akamaiedge.net
    IN A
    23.55.97.11
  • flag-be
    GET
    http://x2.c.lencr.org/
    IEXPLORE.EXE
    Remote address:
    23.55.97.11:80
    Request
    GET / HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: x2.c.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/pkix-crl
    Last-Modified: Mon, 12 Feb 2024 22:07:27 GMT
    ETag: "65ca969f-12b"
    Cache-Control: max-age=3600
    Expires: Sun, 16 Jun 2024 11:33:25 GMT
    Date: Sun, 16 Jun 2024 10:33:25 GMT
    Content-Length: 299
    Connection: keep-alive
  • flag-us
    DNS
    jqueryapi.info
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jqueryapi.info
    IN A
    Response
    jqueryapi.info
    IN A
    96.126.123.244
    jqueryapi.info
    IN A
    45.33.30.197
    jqueryapi.info
    IN A
    198.58.118.167
    jqueryapi.info
    IN A
    72.14.185.43
    jqueryapi.info
    IN A
    45.79.19.196
    jqueryapi.info
    IN A
    45.33.2.79
    jqueryapi.info
    IN A
    45.33.23.183
    jqueryapi.info
    IN A
    72.14.178.174
    jqueryapi.info
    IN A
    45.33.20.235
    jqueryapi.info
    IN A
    173.255.194.134
    jqueryapi.info
    IN A
    45.33.18.44
    jqueryapi.info
    IN A
    45.56.79.23
  • flag-us
    DNS
    themes.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    themes.googleusercontent.com
    IN A
    Response
    themes.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    GET
    http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Cb30cb754b2a2f18e3bfc1832738968dd_JaffaCakes118.html
    IEXPLORE.EXE
    Remote address:
    96.126.123.244:80
    Request
    GET /?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Cb30cb754b2a2f18e3bfc1832738968dd_JaffaCakes118.html HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: jqueryapi.info
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    server: openresty/1.13.6.1
    date: Sun, 16 Jun 2024 10:33:26 GMT
    content-type: application/javascript
    content-length: 157
    last-modified: Tue, 10 Jan 2023 21:36:11 GMT
    etag: "63bdda4b-9d"
    accept-ranges: bytes
    connection: close
  • flag-gb
    GET
    http://themes.googleusercontent.com/static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 19973
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 05:54:11 GMT
    Expires: Mon, 16 Jun 2025 05:54:11 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Sun, 25 Jun 2023 02:58:00 GMT
    Content-Type: font/woff
    Vary: Accept-Encoding
    Age: 16755
  • flag-gb
    GET
    http://themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 21132
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 18:10:38 GMT
    Expires: Sun, 15 Jun 2025 18:10:38 GMT
    Cache-Control: public, max-age=31536000
    Age: 58968
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
  • flag-gb
    GET
    http://themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 19812
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:30:01 GMT
    Expires: Mon, 16 Jun 2025 00:30:01 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Age: 36205
  • flag-gb
    GET
    http://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 21520
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:20:25 GMT
    Expires: Mon, 16 Jun 2025 00:20:25 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Age: 36781
  • flag-gb
    GET
    http://themes.googleusercontent.com/static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 20636
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:30:01 GMT
    Expires: Mon, 16 Jun 2025 00:30:01 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Age: 36205
  • flag-gb
    GET
    http://themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: themes.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
    Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
    Timing-Allow-Origin: *
    Content-Length: 22396
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:30:01 GMT
    Expires: Mon, 16 Jun 2025 00:30:01 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
    Content-Type: font/woff
    Age: 36205
  • flag-us
    DNS
    sumberlinksoftwaregratis.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    sumberlinksoftwaregratis.blogspot.com
    IN A
    Response
    sumberlinksoftwaregratis.blogspot.com
    IN CNAME
    blogspot.l.googleusercontent.com
    blogspot.l.googleusercontent.com
    IN A
    142.250.200.1
  • flag-gb
    GET
    http://sumberlinksoftwaregratis.blogspot.com/feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex
    IEXPLORE.EXE
    Remote address:
    142.250.200.1:80
    Request
    GET /feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: sumberlinksoftwaregratis.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"828a55966e900dc62f18b5d76ddd1faa06a7bcabe4d0d31f2dcfb7420b27b8c2"
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Sun, 16 Jun 2024 10:33:27 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Wed, 20 Mar 2024 13:33:10 GMT
    Content-Encoding: gzip
    Content-Length: 1063
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://sumberlinksoftwaregratis.blogspot.com/feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&start-index=1&max-results=7&callback=showRelatedPost
    IEXPLORE.EXE
    Remote address:
    142.250.200.1:80
    Request
    GET /feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&start-index=1&max-results=7&callback=showRelatedPost HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: sumberlinksoftwaregratis.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"2e359944587e68f638a76f8653de4db5c52e0bdc06c80b9e2863e339c87accf1"
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Sun, 16 Jun 2024 10:33:28 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Wed, 20 Mar 2024 13:33:10 GMT
    Content-Encoding: gzip
    Content-Length: 2535
    X-Frame-Options: SAMEORIGIN
  • flag-gb
    GET
    http://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:80
    Request
    GET /comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Moved Temporarily
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Location: https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&go=true
    Content-Type: text/html; charset=UTF-8
    Content-Encoding: gzip
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Expires: Sun, 16 Jun 2024 10:33:26 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    Content-Security-Policy: frame-ancestors 'self'
    X-XSS-Protection: 1; mode=block
    Content-Length: 341
    Server: GSE
  • flag-gb
    GET
    http://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    IEXPLORE.EXE
    Remote address:
    142.250.178.9:80
    Request
    GET /comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Moved Temporarily
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Location: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Content-Type: text/html; charset=UTF-8
    Content-Encoding: gzip
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Expires: Sun, 16 Jun 2024 10:33:27 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    Content-Security-Policy: frame-ancestors 'self'
    X-XSS-Protection: 1; mode=block
    Content-Length: 277
    Server: GSE
  • flag-us
    DNS
    apis.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apis.google.com
    IN A
    Response
    apis.google.com
    IN CNAME
    plus.l.google.com
    plus.l.google.com
    IN A
    142.250.200.14
  • flag-gb
    GET
    https://apis.google.com/js/plusone.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /js/plusone.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Expires: Sun, 16 Jun 2024 10:33:26 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "f9177ff6f5150176"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 56667
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 15 Jun 2024 20:35:44 GMT
    Expires: Sun, 15 Jun 2025 20:35:44 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 May 2024 15:31:30 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 50262
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 35064
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:26:17 GMT
    Expires: Mon, 16 Jun 2025 00:26:17 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 May 2024 15:31:30 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 36429
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&origin=file%3A%2F%2F&url=http%3A%2F%2Fsumberlinksoftwaregratis.blogspot.com%2F2013%2F03%2Fdownload-abi-word-beta-word-processor.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&origin=file%3A%2F%2F&url=http%3A%2F%2Fsumberlinksoftwaregratis.blogspot.com%2F2013%2F03%2Fdownload-abi-word-beta-word-processor.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: http://developers.google.com/
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Sun, 16 Jun 2024 10:33:26 GMT
    Expires: Sun, 16 Jun 2024 11:03:26 GMT
    Cache-Control: public, max-age=1800
    Server: sffe
    Content-Length: 226
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/js/rpc:shindig_random.js?onload=init
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Expires: Sun, 16 Jun 2024 10:33:27 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "101700247f013dff"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 23998
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:17:50 GMT
    Expires: Mon, 16 Jun 2025 00:17:50 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 May 2024 15:31:30 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 36937
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    developers.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    developers.google.com
    IN A
    Response
    developers.google.com
    IN A
    216.58.201.110
  • flag-us
    DNS
    accounts.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    accounts.google.com
    IN A
    Response
    accounts.google.com
    IN A
    142.250.27.84
  • flag-gb
    GET
    http://developers.google.com/
    IEXPLORE.EXE
    Remote address:
    216.58.201.110:80
    Request
    GET / HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: developers.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://developers.google.com/
    X-Cloud-Trace-Context: 8f02e7794a1cb94b2757fdaff4a17282
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Content-Type: text/html
    Server: Google Frontend
    Content-Length: 0
  • flag-nl
    GET
    https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    IEXPLORE.EXE
    Remote address:
    142.250.27.84:443
    Request
    GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: accounts.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Content-Security-Policy: script-src 'nonce-zzWB_EV2vVvd53-gOTW2Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
    Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
    Cross-Origin-Resource-Policy: same-site
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-nl
    GET
    https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&go=true
    IEXPLORE.EXE
    Remote address:
    142.250.27.84:443
    Request
    GET /ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&go=true HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: accounts.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Content-Type: application/binary
    Set-Cookie: __Host-GAPS=1:JKcOm-5Mw9Gdk8uQCUPJdrXXUB3M7A:-zI4xnY6umGQwWun; Expires=Tue, 16-Jun-2026 10:33:27 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 16 Jun 2024 10:33:27 GMT
    Location: http://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Strict-Transport-Security: max-age=31536000; includeSubDomains
    Content-Security-Policy: script-src 'nonce-xYU2OjG5E_wDiPrEnX3a_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
    Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    Cross-Origin-Opener-Policy: unsafe-none
    Cross-Origin-Resource-Policy: cross-origin
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://developers.google.com/
    IEXPLORE.EXE
    Remote address:
    216.58.201.110:443
    Request
    GET / HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: developers.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Last-Modified: Wed, 12 Jun 2024 19:36:01 GMT
    Content-Type: text/html; charset=utf-8
    Vary: Cookie
    Vary: Accept-Encoding
    Set-Cookie: _ga_devsite=GA1.3.309307654.1718534008; Expires=Tue, 16 Jun 2026 10:33:28 GMT; Max-Age=63072000; Path=/
    Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-eeyi2AEVRU/6G1THJ5MK4sLTCZ7CLR' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
    Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 0
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, must-revalidate
    Expires: 0
    Pragma: no-cache
    Content-Encoding: gzip
    X-Cloud-Trace-Context: e34e3681a54b3ad91165c82c81806308
    Date: Sun, 16 Jun 2024 10:33:28 GMT
    Server: Google Frontend
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    ssl.gstatic.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ssl.gstatic.com
    IN A
    Response
    ssl.gstatic.com
    IN A
    172.217.169.3
  • flag-gb
    GET
    https://ssl.gstatic.com/accounts/o/544727282-postmessagerelay.js
    IEXPLORE.EXE
    Remote address:
    172.217.169.3:443
    Request
    GET /accounts/o/544727282-postmessagerelay.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ssl.gstatic.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="federated-signon-mpm-access"
    Report-To: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
    Content-Length: 4842
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:38:34 GMT
    Expires: Mon, 16 Jun 2025 00:38:34 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Thu, 13 Jun 2024 00:06:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 35693
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.187.196
  • flag-gb
    GET
    https://www.google.com/js/bg/uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.196:443
    Request
    GET /js/bg/uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
    Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
    Content-Length: 24059
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sun, 16 Jun 2024 00:53:39 GMT
    Expires: Mon, 16 Jun 2025 00:53:39 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 03 Jun 2024 09:30:00 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 34789
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-be
    DNS
    iexplore.exe
    Remote address:
    88.221.83.185:80
    Response
    HTTP/1.0 408 Request Time-out
    Server: AkamaiGHost
    Mime-Version: 1.0
    Date: Sun, 16 Jun 2024 10:34:11 GMT
    Content-Type: text/html
    Content-Length: 314
    Expires: Sun, 16 Jun 2024 10:34:11 GMT
  • flag-be
    GET
    http://www.bing.com/favicon.ico
    iexplore.exe
    Remote address:
    88.221.83.185:80
    Request
    GET /favicon.ico HTTP/1.1
    Accept: */*
    UA-CPU: AMD64
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; Trident/7.0; rv:11.0) like Gecko
    Host: www.bing.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cache-Control: public, max-age=15552000
    Content-Length: 4286
    Content-Type: image/x-icon
    Last-Modified: Mon, 01 Jan 1601 00:00:00 GMT
    X-EventID: 65fbe685b41b45a4979cc9286ece04ef
    Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    UserAgentReductionOptOut: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
    Content-Security-Policy-Report-Only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-ChLrZoAOTZpgIKJnIu1hYw7P7/gRqNNSI0X3DOJUsnU='; base-uri 'self';report-to csp-endpoint
    Report-To: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
    X-MSEdge-Ref: Ref A: B5FA2088C192478C8C85D2E6EFA53197 Ref B: AMS04EDGE2111 Ref C: 2024-03-21T07:49:25Z
    Date: Sun, 16 Jun 2024 10:33:36 GMT
    Connection: keep-alive
    X-CDN-TraceID: 0.b553dd58.1718534016.7329825
  • flag-nl
    GET
    https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    IEXPLORE.EXE
    Remote address:
    142.250.27.84:443
    Request
    GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: accounts.google.com
    Connection: Keep-Alive
    Cookie: __Host-GAPS=1:JKcOm-5Mw9Gdk8uQCUPJdrXXUB3M7A:-zI4xnY6umGQwWun
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Sun, 16 Jun 2024 10:34:28 GMT
    Content-Security-Policy: require-trusted-types-for 'script';report-uri /o/cspreport
    Content-Security-Policy: script-src 'nonce-nVzWLUv9zq2l_86uOwC1-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
    Cross-Origin-Resource-Policy: same-site
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • 142.250.178.9:443
    https://www.blogger.com/img/cmt/close.gif
    tls, http
    IEXPLORE.EXE
    1.8kB
    13.7kB
    15
    15

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/img/cmt/close.gif

    HTTP Response

    200
  • 35.233.77.94:80
    cache.filehippo.com
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 142.250.178.9:443
    https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css
    tls, http
    IEXPLORE.EXE
    3.1kB
    69.8kB
    36
    58

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/1281339923-widgets.js

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.css

    HTTP Response

    200
  • 142.250.180.10:443
    https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
    tls, http
    IEXPLORE.EXE
    1.7kB
    41.4kB
    24
    34

    HTTP Request

    GET https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

    HTTP Response

    200
  • 35.233.77.94:80
    http://cache.filehippo.com/img/ex/451__abiWord1.png
    http
    IEXPLORE.EXE
    567 B
    582 B
    6
    5

    HTTP Request

    GET http://cache.filehippo.com/img/ex/451__abiWord1.png

    HTTP Response

    308
  • 142.250.178.9:443
    https://www.blogger.com/static/v1/jsbin/3962873971-comment_from_post_iframe.js
    tls, http
    IEXPLORE.EXE
    1.2kB
    10.2kB
    12
    12

    HTTP Request

    GET https://www.blogger.com/static/v1/jsbin/3962873971-comment_from_post_iframe.js

    HTTP Response

    200
  • 142.250.180.10:443
    ajax.googleapis.com
    tls
    IEXPLORE.EXE
    658 B
    5.0kB
    8
    7
  • 142.250.178.9:443
    https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek
    tls, http
    IEXPLORE.EXE
    3.8kB
    61.8kB
    35
    56

    HTTP Request

    GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7307659999195046705&zx=ae39caba-6a96-469b-99c8-73e6e811d3d1

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/static/v1/jsbin/1697667608-cmt.js

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek

    HTTP Response

    200
  • 104.22.70.197:80
    static.addtoany.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 104.22.70.197:80
    http://static.addtoany.com/menu/page.js
    http
    IEXPLORE.EXE
    492 B
    697 B
    5
    3

    HTTP Request

    GET http://static.addtoany.com/menu/page.js

    HTTP Response

    301
  • 142.250.180.1:80
    http://2.bp.blogspot.com/-MjwypLkkJik/UdfYV87_ChI/AAAAAAAAAZs/0YS9W0rLJYs/w72-h72-p-k-no-nu/Diet+MP3.png
    http
    IEXPLORE.EXE
    758 B
    11.8kB
    9
    11

    HTTP Request

    GET http://2.bp.blogspot.com/-MjwypLkkJik/UdfYV87_ChI/AAAAAAAAAZs/0YS9W0rLJYs/w72-h72-p-k-no-nu/Diet+MP3.png

    HTTP Response

    200
  • 142.250.180.1:80
    http://2.bp.blogspot.com/-iSx56Yp8o28/U76sWfze3DI/AAAAAAAAAZk/vAMnDn3dm0E/user.jpg
    http
    IEXPLORE.EXE
    1.1kB
    8.5kB
    9
    10

    HTTP Request

    GET http://2.bp.blogspot.com/-ziR1vJXzO9Y/UZpBJ5vQyGI/AAAAAAAAAOY/TbwAt-lBjnE/w72-h72-p-k-no-nu/movi+creator.jpg

    HTTP Response

    200

    HTTP Request

    GET http://2.bp.blogspot.com/-iSx56Yp8o28/U76sWfze3DI/AAAAAAAAAZk/vAMnDn3dm0E/user.jpg

    HTTP Response

    200
  • 142.250.180.1:80
    http://1.bp.blogspot.com/-RfqN9Hj4Big/Uc5thNT9_fI/AAAAAAAAAXM/8NjyMURhcwg/w72-h72-p-k-no-nu/software-sms-broadcast.jpg
    http
    IEXPLORE.EXE
    634 B
    4.0kB
    6
    5

    HTTP Request

    GET http://1.bp.blogspot.com/-RfqN9Hj4Big/Uc5thNT9_fI/AAAAAAAAAXM/8NjyMURhcwg/w72-h72-p-k-no-nu/software-sms-broadcast.jpg

    HTTP Response

    200
  • 142.250.180.1:443
    https://1.bp.blogspot.com/-G-ESOOfFPyI/Wce0IIxhfdI/AAAAAAAAGVs/BwHPBi7alX0pNEtC-o974z3BMS3E-R5egCPcBGAYYCw/s320/BANER%2BHP.jpg
    tls, http
    IEXPLORE.EXE
    1.8kB
    48.3kB
    24
    39

    HTTP Request

    GET https://1.bp.blogspot.com/-G-ESOOfFPyI/Wce0IIxhfdI/AAAAAAAAGVs/BwHPBi7alX0pNEtC-o974z3BMS3E-R5egCPcBGAYYCw/s320/BANER%2BHP.jpg

    HTTP Response

    200
  • 142.250.180.1:80
    http://2.bp.blogspot.com/-0yDPFw1Ipx8/UuDAA4BHOhI/AAAAAAAABJQ/p3pfgJwAvfM/w72-h72-p-k-no-nu/game+dewasa+seks+virtual.jpg
    http
    IEXPLORE.EXE
    636 B
    4.6kB
    6
    6

    HTTP Request

    GET http://2.bp.blogspot.com/-0yDPFw1Ipx8/UuDAA4BHOhI/AAAAAAAABJQ/p3pfgJwAvfM/w72-h72-p-k-no-nu/game+dewasa+seks+virtual.jpg

    HTTP Response

    200
  • 142.250.180.1:80
    http://1.bp.blogspot.com/-hbx6jkvHjuM/UV9NDnHabYI/AAAAAAAAAD0/FBdLgrvV6FQ/w72-h72-p-k-no-nu/win7codecs110final+copy.jpg
    http
    IEXPLORE.EXE
    635 B
    3.7kB
    6
    5

    HTTP Request

    GET http://1.bp.blogspot.com/-hbx6jkvHjuM/UV9NDnHabYI/AAAAAAAAAD0/FBdLgrvV6FQ/w72-h72-p-k-no-nu/win7codecs110final+copy.jpg

    HTTP Response

    200
  • 93.184.220.66:80
    platform.twitter.com
    IEXPLORE.EXE
    190 B
    132 B
    4
    3
  • 93.184.220.66:80
    http://platform.twitter.com/widgets.js
    http
    IEXPLORE.EXE
    951 B
    29.2kB
    15
    23

    HTTP Request

    GET http://platform.twitter.com/widgets.js

    HTTP Response

    200
  • 142.250.180.1:80
    http://3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png
    http
    IEXPLORE.EXE
    1.0kB
    7.1kB
    8
    9

    HTTP Request

    GET http://3.bp.blogspot.com/-jhqnzWvo0nc/T98XbKrLflI/AAAAAAAAAZo/r3vvCQiLcYI/w72-h72-p-k-no-nu/ps1-horz.jpg

    HTTP Response

    200

    HTTP Request

    GET http://3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png

    HTTP Response

    200
  • 142.250.180.1:80
    1.bp.blogspot.com
    IEXPLORE.EXE
    144 B
    52 B
    3
    1
  • 142.250.178.9:443
    https://resources.blogblog.com/img/anon36.png
    tls, http
    IEXPLORE.EXE
    2.2kB
    9.1kB
    15
    12

    HTTP Request

    GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png

    HTTP Response

    200

    HTTP Request

    GET https://resources.blogblog.com/img/blank.gif

    HTTP Response

    200

    HTTP Request

    GET https://resources.blogblog.com/img/anon36.png

    HTTP Response

    200
  • 142.250.178.9:443
    resources.blogblog.com
    tls
    IEXPLORE.EXE
    661 B
    4.6kB
    8
    7
  • 172.217.16.225:443
    lh4.googleusercontent.com
    tls
    IEXPLORE.EXE
    710 B
    9.5kB
    9
    10
  • 172.217.16.225:443
    https://lh4.googleusercontent.com/proxy/GWGyTaNEosAxFGRuVzjD6EYmQe5SHqER46yMmJ3GZ0Vu78WnyfwhvevitHQL6JDe0STl6K981--luf4Jy0B5fio5GPNUBKT2nRqVJBJx=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.2kB
    11.8kB
    11
    13

    HTTP Request

    GET https://lh4.googleusercontent.com/proxy/GWGyTaNEosAxFGRuVzjD6EYmQe5SHqER46yMmJ3GZ0Vu78WnyfwhvevitHQL6JDe0STl6K981--luf4Jy0B5fio5GPNUBKT2nRqVJBJx=w72-h72-p-k-no-nu

    HTTP Response

    404
  • 142.250.180.1:80
    http://4.bp.blogspot.com/-jniNtC-3r-E/UY0K_oDCViI/AAAAAAAAALo/iJ3YT-9QwSI/w72-h72-p-k-no-nu/logsim.jpg
    http
    IEXPLORE.EXE
    618 B
    4.0kB
    6
    5

    HTTP Request

    GET http://4.bp.blogspot.com/-jniNtC-3r-E/UY0K_oDCViI/AAAAAAAAALo/iJ3YT-9QwSI/w72-h72-p-k-no-nu/logsim.jpg

    HTTP Response

    200
  • 142.250.180.1:80
    http://4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
    http
    IEXPLORE.EXE
    1.0kB
    5.8kB
    8
    8

    HTTP Request

    GET http://4.bp.blogspot.com/-v6LKb327dL0/UWF_dxz5SvI/AAAAAAAAAEk/VCChg_l8QS4/w72-h72-p-k-no-nu/Mas+Paper.jpg

    HTTP Response

    200

    HTTP Request

    GET http://4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png

    HTTP Response

    200
  • 104.22.70.197:443
    https://static.addtoany.com/menu/eso.BRQnzO8v.js
    tls, http
    IEXPLORE.EXE
    2.5kB
    40.6kB
    28
    39

    HTTP Request

    GET https://static.addtoany.com/menu/page.js

    HTTP Response

    200

    HTTP Request

    GET https://static.addtoany.com/menu/sm.25.html

    HTTP Response

    200

    HTTP Request

    GET https://static.addtoany.com/menu/eso.BRQnzO8v.js

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 216.239.32.29:80
    http://pki.goog/gsr1/gsr1.crt
    http
    IEXPLORE.EXE
    351 B
    1.8kB
    5
    4

    HTTP Request

    GET http://pki.goog/gsr1/gsr1.crt

    HTTP Response

    200
  • 23.14.90.91:80
    http://apps.identrust.com/roots/dstrootcax3.p7c
    http
    IEXPLORE.EXE
    369 B
    1.6kB
    5
    4

    HTTP Request

    GET http://apps.identrust.com/roots/dstrootcax3.p7c

    HTTP Response

    200
  • 23.55.97.11:80
    http://x2.c.lencr.org/
    http
    IEXPLORE.EXE
    396 B
    1.3kB
    6
    4

    HTTP Request

    GET http://x2.c.lencr.org/

    HTTP Response

    200
  • 96.126.123.244:80
    http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Cb30cb754b2a2f18e3bfc1832738968dd_JaffaCakes118.html
    http
    IEXPLORE.EXE
    607 B
    580 B
    5
    4

    HTTP Request

    GET http://jqueryapi.info/?getsrc=ok&ref=&url=file%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Cb30cb754b2a2f18e3bfc1832738968dd_JaffaCakes118.html

    HTTP Response

    200
  • 96.126.123.244:80
    jqueryapi.info
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 172.217.16.225:80
    http://themes.googleusercontent.com/static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff
    http
    IEXPLORE.EXE
    868 B
    21.4kB
    12
    18

    HTTP Request

    GET http://themes.googleusercontent.com/static/fonts/roboto/v11/Hgo13k-tfSpn0qi1SFdUfT8E0i7KZn-EPnyo3HZu7kw.woff

    HTTP Response

    200
  • 172.217.16.225:80
    http://themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
    http
    IEXPLORE.EXE
    939 B
    22.6kB
    14
    19

    HTTP Request

    GET http://themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff

    HTTP Response

    200
  • 172.217.16.225:80
    http://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
    http
    IEXPLORE.EXE
    1.7kB
    44.1kB
    23
    35

    HTTP Request

    GET http://themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff

    HTTP Response

    200

    HTTP Request

    GET http://themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff

    HTTP Response

    200
  • 172.217.16.225:80
    http://themes.googleusercontent.com/static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff
    http
    IEXPLORE.EXE
    966 B
    23.0kB
    14
    19

    HTTP Request

    GET http://themes.googleusercontent.com/static/fonts/roboto/v11/RxZJdnzeo3R5zSexge8UUT8E0i7KZn-EPnyo3HZu7kw.woff

    HTTP Response

    200
  • 172.217.16.225:80
    http://themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff
    http
    IEXPLORE.EXE
    966 B
    25.2kB
    14
    20

    HTTP Request

    GET http://themes.googleusercontent.com/static/fonts/roboto/v11/1pO9eUAp8pSF8VnRTP3xnvesZW2xOQ-xsNqO47m55DA.woff

    HTTP Response

    200
  • 104.22.70.197:443
    static.addtoany.com
    tls
    IEXPLORE.EXE
    834 B
    5.3kB
    11
    10
  • 142.250.200.1:80
    http://sumberlinksoftwaregratis.blogspot.com/feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&start-index=1&max-results=7&callback=showRelatedPost
    http
    IEXPLORE.EXE
    1.1kB
    5.0kB
    8
    8

    HTTP Request

    GET http://sumberlinksoftwaregratis.blogspot.com/feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex

    HTTP Response

    200

    HTTP Request

    GET http://sumberlinksoftwaregratis.blogspot.com/feeds/posts/summary/-/office?alt=json-in-script&orderby=updated&start-index=1&max-results=7&callback=showRelatedPost

    HTTP Response

    200
  • 142.250.200.1:80
    sumberlinksoftwaregratis.blogspot.com
    IEXPLORE.EXE
    144 B
    52 B
    3
    1
  • 172.217.16.225:80
    themes.googleusercontent.com
    IEXPLORE.EXE
    144 B
    52 B
    3
    1
  • 142.250.178.9:80
    http://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1
    http
    IEXPLORE.EXE
    1.0kB
    2.5kB
    7
    7

    HTTP Request

    GET http://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489

    HTTP Response

    302

    HTTP Request

    GET http://www.blogger.com/comment-iframe.g?blogID=7307659999195046705&postID=8645196291890690340&blogspotRpcToken=5070489&bpli=1

    HTTP Response

    302
  • 142.250.200.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    tls, http
    IEXPLORE.EXE
    2.8kB
    88.8kB
    39
    69

    HTTP Request

    GET https://apis.google.com/js/plusone.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

    HTTP Response

    200
  • 142.250.200.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs
    tls, http
    IEXPLORE.EXE
    1.7kB
    42.5kB
    22
    35

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

    HTTP Response

    200
  • 142.250.200.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
    tls, http
    IEXPLORE.EXE
    3.1kB
    34.7kB
    23
    32

    HTTP Request

    GET https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&count=true&size=medium&origin=file%3A%2F%2F&url=http%3A%2F%2Fsumberlinksoftwaregratis.blogspot.com%2F2013%2F03%2Fdownload-abi-word-beta-word-processor.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

    HTTP Response

    301

    HTTP Request

    GET https://apis.google.com/js/rpc:shindig_random.js?onload=init

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

    HTTP Response

    200
  • 216.58.201.110:80
    http://developers.google.com/
    http
    IEXPLORE.EXE
    486 B
    371 B
    5
    3

    HTTP Request

    GET http://developers.google.com/

    HTTP Response

    301
  • 216.58.201.110:80
    developers.google.com
    IEXPLORE.EXE
    144 B
    52 B
    3
    1
  • 142.250.27.84:443
    https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    tls, http
    IEXPLORE.EXE
    1.3kB
    6.1kB
    11
    12

    HTTP Request

    GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

    HTTP Response

    200
  • 142.250.27.84:443
    https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&go=true
    tls, http
    IEXPLORE.EXE
    1.4kB
    6.3kB
    10
    11

    HTTP Request

    GET https://accounts.google.com/ServiceLogin?passive=true&continue=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&followup=http://www.blogger.com/comment-iframe.g?blogID%3D7307659999195046705%26postID%3D8645196291890690340%26blogspotRpcToken%3D5070489%26bpli%3D1&go=true

    HTTP Response

    302
  • 216.58.201.110:443
    https://developers.google.com/
    tls, http
    IEXPLORE.EXE
    2.0kB
    42.8kB
    30
    38

    HTTP Request

    GET https://developers.google.com/

    HTTP Response

    200
  • 172.217.169.3:443
    ssl.gstatic.com
    tls
    IEXPLORE.EXE
    706 B
    4.7kB
    9
    8
  • 172.217.169.3:443
    https://ssl.gstatic.com/accounts/o/544727282-postmessagerelay.js
    tls, http
    IEXPLORE.EXE
    1.3kB
    10.7kB
    11
    12

    HTTP Request

    GET https://ssl.gstatic.com/accounts/o/544727282-postmessagerelay.js

    HTTP Response

    200
  • 142.250.187.196:443
    www.google.com
    tls
    IEXPLORE.EXE
    1.0kB
    4.7kB
    16
    9
  • 142.250.187.196:443
    https://www.google.com/js/bg/uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek.js
    tls, http
    IEXPLORE.EXE
    1.6kB
    30.8kB
    18
    26

    HTTP Request

    GET https://www.google.com/js/bg/uzLmB-hD-fj2VMQZKsG8SEy_6Kb5a8vndyfTSmYVJek.js

    HTTP Response

    200
  • 216.58.201.110:443
    developers.google.com
    tls
    IEXPLORE.EXE
    479 B
    315 B
    5
    4
  • 88.221.83.185:80
    www.bing.com
    http
    iexplore.exe
    288 B
    694 B
    6
    4

    HTTP Response

    408
  • 88.221.83.185:80
    http://www.bing.com/favicon.ico
    http
    iexplore.exe
    588 B
    5.9kB
    8
    8

    HTTP Request

    GET http://www.bing.com/favicon.ico

    HTTP Response

    200
  • 142.250.27.84:443
    https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
    tls, http
    IEXPLORE.EXE
    1.2kB
    1.7kB
    8
    7

    HTTP Request

    GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__

    HTTP Response

    200
  • 142.250.27.84:443
    accounts.google.com
    tls
    IEXPLORE.EXE
    477 B
    315 B
    5
    4
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.6kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.6kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    831 B
    7.7kB
    10
    13
  • 8.8.8.8:53
    ajax.googleapis.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    ajax.googleapis.com

    DNS Response

    142.250.180.10

  • 8.8.8.8:53
    www.blogger.com
    dns
    IEXPLORE.EXE
    61 B
    108 B
    1
    1

    DNS Request

    www.blogger.com

    DNS Response

    142.250.178.9

  • 8.8.8.8:53
    resources.blogblog.com
    dns
    IEXPLORE.EXE
    68 B
    115 B
    1
    1

    DNS Request

    resources.blogblog.com

    DNS Response

    142.250.178.9

  • 8.8.8.8:53
    cache.filehippo.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    cache.filehippo.com

    DNS Response

    35.233.77.94

  • 8.8.8.8:53
    platform.twitter.com
    dns
    IEXPLORE.EXE
    66 B
    241 B
    1
    1

    DNS Request

    platform.twitter.com

    DNS Response

    93.184.220.66

  • 8.8.8.8:53
    static.addtoany.com
    dns
    IEXPLORE.EXE
    65 B
    113 B
    1
    1

    DNS Request

    static.addtoany.com

    DNS Response

    104.22.70.197
    104.22.71.197
    172.67.39.148

  • 8.8.8.8:53
    3.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    3.bp.blogspot.com

    DNS Response

    142.250.180.1

  • 8.8.8.8:53
    lh4.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh4.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    2.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    2.bp.blogspot.com

    DNS Response

    142.250.180.1

  • 8.8.8.8:53
    4.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    4.bp.blogspot.com

    DNS Response

    142.250.180.1

  • 8.8.8.8:53
    1.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    1.bp.blogspot.com

    DNS Response

    142.250.180.1

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    pki.goog
    dns
    IEXPLORE.EXE
    54 B
    70 B
    1
    1

    DNS Request

    pki.goog

    DNS Response

    216.239.32.29

  • 8.8.8.8:53
    apps.identrust.com
    dns
    IEXPLORE.EXE
    64 B
    165 B
    1
    1

    DNS Request

    apps.identrust.com

    DNS Response

    23.14.90.91
    23.14.90.73

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    23.34.233.128

  • 8.8.8.8:53
    x2.c.lencr.org
    dns
    IEXPLORE.EXE
    60 B
    165 B
    1
    1

    DNS Request

    x2.c.lencr.org

    DNS Response

    23.55.97.11

  • 8.8.8.8:53
    jqueryapi.info
    dns
    IEXPLORE.EXE
    60 B
    252 B
    1
    1

    DNS Request

    jqueryapi.info

    DNS Response

    96.126.123.244
    45.33.30.197
    198.58.118.167
    72.14.185.43
    45.79.19.196
    45.33.2.79
    45.33.23.183
    72.14.178.174
    45.33.20.235
    173.255.194.134
    45.33.18.44
    45.56.79.23

  • 8.8.8.8:53
    themes.googleusercontent.com
    dns
    IEXPLORE.EXE
    74 B
    119 B
    1
    1

    DNS Request

    themes.googleusercontent.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    sumberlinksoftwaregratis.blogspot.com
    dns
    IEXPLORE.EXE
    83 B
    142 B
    1
    1

    DNS Request

    sumberlinksoftwaregratis.blogspot.com

    DNS Response

    142.250.200.1

  • 8.8.8.8:53
    apis.google.com
    dns
    IEXPLORE.EXE
    61 B
    98 B
    1
    1

    DNS Request

    apis.google.com

    DNS Response

    142.250.200.14

  • 8.8.8.8:53
    developers.google.com
    dns
    IEXPLORE.EXE
    67 B
    83 B
    1
    1

    DNS Request

    developers.google.com

    DNS Response

    216.58.201.110

  • 8.8.8.8:53
    accounts.google.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    accounts.google.com

    DNS Response

    142.250.27.84

  • 8.8.8.8:53
    ssl.gstatic.com
    dns
    IEXPLORE.EXE
    61 B
    77 B
    1
    1

    DNS Request

    ssl.gstatic.com

    DNS Response

    172.217.169.3

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.187.196

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    c450bcc92705c42710bf76dd0e5cdea5

    SHA1

    ba084bc9b5b4f10a53a1d02f35c842c8c6700936

    SHA256

    77e3d011a232324a9445e8aef94b3bdd272e02291d25bfd5e3acab0d2da41bd7

    SHA512

    c074a8648d87ba60886761a924bb21257434eeecdaad72c5d4a64f887bad14b42d21a33af6278fcdef34bcf4958014059248fdf8c3631825131e2c0cd12b0bb5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4A9377E7E528F7E56B69A81C500ABC24

    Filesize

    889B

    MD5

    3e455215095192e1b75d379fb187298a

    SHA1

    b1bc968bd4f49d622aa89a81f2150152a41d829c

    SHA256

    ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99

    SHA512

    54ba004d5435e8b10531431c392ed99776120d363808137de7eb59030463f863cadd02bdf918f596b6d20964b31725c2363cd7601799caa9360a1c36fe819fbd

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

    Filesize

    724B

    MD5

    ac89a852c2aaa3d389b2d2dd312ad367

    SHA1

    8f421dd6493c61dbda6b839e2debb7b50a20c930

    SHA256

    0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

    SHA512

    c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_9C829FEB28AE2567EF9C0AB23D232453

    Filesize

    471B

    MD5

    50843afcec5b666e4a5c17471a503377

    SHA1

    589bf7a12f7df4f3d66a3ac605afbc7c95aae8ee

    SHA256

    af066660192ff6b611f51105a81952d2a50a4b6424ec22bf376817a6aaf23e31

    SHA512

    803e5bff225923aef4789e4a4d822e31957582e49322bde002a4138bc4cf16e815323a00df752c1e9ae1c81b49d37db2947ea651f4589ceecf06b3ef0f483b7d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    d8712694e19f503d555e906ce361045b

    SHA1

    74314b1228fbe2d2095e668fe28b9c662dbf8787

    SHA256

    29e13dd830adf8498f2897f6a3da257d72cd5b1b3118771aa3ab1312aca59288

    SHA512

    67dcd266533ac22f19bcec0ce8a7874fedea729c425c729bb180c9b5090aeadd940f2bedbc40b8b7509cf05e5023efb1ed5e6072231ba15baed155b406c5c988

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    786c3925286f47e79d296b46efeb8c33

    SHA1

    0fbde1feab987b2d7235dd5226d95ae23a71534c

    SHA256

    1c9fe61b7cecfcbeab6e2dd9bfe33a9972a63730a3a5a7d52eea229d2aca4573

    SHA512

    59126cc9547aabeccad3db689b758ed76a559a6ce4d83d2a6489384eb5933b44563e82af8349cc543860513a9eb60203448e88f29470f9cbbfaa5a571877589b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24

    Filesize

    176B

    MD5

    a9143e86518502c7b8663cec5a6321b9

    SHA1

    ecc4af398b00bf56df35fc197a791868f01d3347

    SHA256

    9bcd76e14c2b82c5898175b3c9672a99cad7516022ab92ffee30edc2f46e05cd

    SHA512

    584ffd9b7544a24fafbf9ce8052db5c160260ec6fd881d5d4b8970fd004f9caf513b272ad319df9da14e6523d74521648491bf8b49e56d1a9a1490aeeb3c4184

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4A9377E7E528F7E56B69A81C500ABC24

    Filesize

    176B

    MD5

    ad6dc992f58ca59db7a776cb485792a8

    SHA1

    5b3e4b3723f38093a560d18615376f8e1b83eb26

    SHA256

    b747a48b2fe4d441c82644151f3b909e3f80d31ad9963767fcbde493b08f9595

    SHA512

    90771eb5a7d04feafc6f75ea7f700c888593071cdeb667e838240d94355d38caa39ff0b20e23af9d8145eec0b789095c38485fcea8163a4f02ca31caa2188849

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4ee914228a00f24ec1e83cb82bc46c55

    SHA1

    cefbd12f42afa098586f6ff912692b79e668d920

    SHA256

    e4034bcac8b90fbcf661558b9fb8e7fe490fe39c1821997c94730f5fcfb5874e

    SHA512

    a17f0848c1ae8e7095ed90e329b26ebe868b24b0b2ecf19b346b7f9d5f414a746110d561b9fc8e57d878982e7fb2eefbbe95118e66c52fc7ace879450d72c504

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1be0c4876969e299ba7da3ba88579eda

    SHA1

    7116ddbaebb05c7d395f35155b6ffe144bfc6c5a

    SHA256

    1966fc8d59e8377636690ccfdac40444dc19064a5bdc21ab2b87f8e5774a9011

    SHA512

    413b67270f8faa884dd7b05901d2e83d39586512b85778370acc5901310e084da152e40409bdb960c52413be0c042ce0edf8f72087792570b023a0bb99f8051a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f2e828cdd63ab70210809402ab318129

    SHA1

    fee0e872a1b9b8bb2b12226074fa9bd59bbe0ed6

    SHA256

    f135cffd196f505dde6a750e061e6c0dee467816876096ff5c90c0b3e96b8664

    SHA512

    ce266070ea95056cc1e7df5b3dfd1c0bcee252649328ca15a98a5787e1cfcb2d5930defa97e92959b7dcbf65f5196cc2fc2430fc65f985f8ebda26267c05f48e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8c4229644387d966a06d71643c5f1eb4

    SHA1

    ff01dd9894fb9e42590491d1814bf0f80b1f771b

    SHA256

    11cf963acd47d8558f23bd642e8413a5cab974f5b0aad4674f0745562154b8ef

    SHA512

    e02532be0fb1e8e545676edb6fbc26e4f96fdcd6e55b27a1d13ffe9b49159886f088eb3fb74eaaadd1b45c819ebf70ab649afda5b6ae336051f185c6589eff10

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    42eed27e7b0b440cfb3237f982ed6cfc

    SHA1

    97e3996cb45aa63d2d24f7fde6172a9b44083ebf

    SHA256

    ca8b3dfd7ae5f395180e8a441e8c90a8ffaa782bb0a911823acbeca54809cb6e

    SHA512

    a05c54cb01649773015a2d76bd2f50e5f8dc672c3a0b3f3ecf894dbcd694b04dc5c05a8884e7b550fb6a2242d91bfd2b4ac7c8c143d036f790f8c5d5364daa29

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5d01d78d4d1852a91872f431de8194ee

    SHA1

    24033c556fbd6957df93226c7baebed0da7758c5

    SHA256

    99da3a9ec394533c1b8b42626dcc5463492560f812e5bb8558c43e3eda50f296

    SHA512

    79f5e965ba4d30362acc3ab2b6c2f4959a3b9389b4f7e083f7afb809845384964d1c3306a9d7930ed45c00a96e9a0381080aa33f135a6f1a0ad84d300ebc37c1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    c33028d547480e57bc3ef1b8593b5686

    SHA1

    74bdf0c52e6df73f304e0867469212861c5126f6

    SHA256

    ae26a044c0642d018864c9afa6b4061e0f283a8dc8ce37bd03b9ec182285e059

    SHA512

    f52f9c994e81d55698c0c30d1d587dbe2cc8809d10a373b328938bc996267c2e8538fff1afc7e715364c971c4568fadcb7e66448f382d9984687eb90df2dda30

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    db227ccad1339282710f4a2403901a8c

    SHA1

    4a2602f74666ac39805ea074154e22ba717231cc

    SHA256

    84d0a28505fa6736e7dd47c3131e0f63f3c3f07230dbe812ebd869fc94941f1d

    SHA512

    dbbb28474773b3a7643716fae6342fa525fb357fea1d3306cb6d0c98ae93b4d4a3595f6cac49d474f6232fe2b427dce67010b5cbdc8ae08c1ef42d87bd1b405e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    219376ebd7891fadf4d4c25ee5e866b6

    SHA1

    a864c8ea7ee8e268f4e14f90fe8a006f08994da3

    SHA256

    edb21540a02f256c5b7a95428e53ba93112e35eefda50ed0b6037e31bb3cd643

    SHA512

    920af3697a3b8063ae1b0de9a8460e78c51097df78d1e604d87f4088b031b9f003e67b8b49a7667fd07cd0f36495a79d39c50ddf470fdd0b2dc88d2ce8f79e2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    be19cefd8c145f9be8b8ad8809a93767

    SHA1

    0e7fd90b7f5ec681e0c1f08554921ba6a8733c94

    SHA256

    73853c2a159eb62a7480fe79926b8b19b1393072b78085dfef8c97cd4092e0b7

    SHA512

    d1dcbdf07420801d7d034eba76b21342617328ab48064dfb36b66b79e14a3483c9b0184680c8b9b1a7b44721a65af2e7dd84921deeeae59e918cfbe57b4c3d2a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3e8f5949d2b7adaac71a7dc4b472b408

    SHA1

    5d81be85764bc383df6e5336ec8292bb318817ff

    SHA256

    da161eaa68b5c02fe595b7f73f5b167c918e79c8d34f5bd2167522acb9b52f74

    SHA512

    305f746b3be8522ab44f33c1bea610a6350664abe63f534a222d9e2a559a3037e65b2544067443d53284e51f8289c3a871d3a8a354224b532dcc49d0418951a2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    65296a9719e5af50d3c9995db265d64b

    SHA1

    150f420a25bc48646a39f732ff9a815bfd6fb710

    SHA256

    71d25839e8c63bb6db44298e1cb89ed718798a35089220f20f3d1745d11657e4

    SHA512

    3ae49746357a3c49b67d233caf782f679a494492361d040e344db14bc8fc3da7913ae2957b8696adcef900665188f2ab576174833f9868deb45d8d48fb12fe79

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    208cb93c4a20d400523478d3ae095bca

    SHA1

    7cd6e479658c635b21219eea86de8ed4d6e8a4ce

    SHA256

    ecbed139bb8a73b8bbcb52a2270215b4ac79935da39f9129ed1a1b3b13950576

    SHA512

    e10a3c636a072007343d1414ef10ed2ce0eb6f7c1abd7680e54adf8412dd2448f413724508f15b53eb239b65f204c3247c53e1f68c09736297f63abd99171dd6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da3e395ff9e3069e841f69ff52848a55

    SHA1

    d59be8b24c3b5ba873fa5d7aa2d0c9860dcb94af

    SHA256

    c35faa82263ee01562665d690f59bb4b14b14dbe75032502bd35e273e2915037

    SHA512

    73454d510b876003500724dfe4ac2f0db768e399b4d9cf1a90fcdbc0be171bbefe9fddd769069d29842fb0b4a02990c829359e708c508124d5559c441cdb56d5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f27bcc56630f427a71f8d98a48192828

    SHA1

    f67951141589db2b0ad643f886282853b9fa26e6

    SHA256

    57095738c73dcbebafcafe2bc4252ef0e04508e4a03125de30b2f625da9b9a7f

    SHA512

    748f014be58d5e439e80e8b29f89818ba60607df2405a04f50bb0fccae763f86efea64ce133ef79e7879051e6da9dcb8715730f6ece3f30d1679d3f287c8802b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bdd897ac7ef2ea5ec4342838dbebffae

    SHA1

    89c6d27e681b8628ec042c75bb4729c44f8b0ee4

    SHA256

    184023f40f13a60320b689cbb07db6e02ccaaa9a8f66a7e56fd06561bd9ed0ea

    SHA512

    1890ebee690dcb131ca30a308dab3d530f62319e7dd77a0fa90c9feb78661226167614ef7c9241bdde9f17ceb5e471e8db76c3ff1739e55dde4261dbcad106e5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a258bae584e01d6c146eca55980cfbd2

    SHA1

    6d38d7dbcd3ca1f0854635fd7dacb0706a04c60b

    SHA256

    07cde0e36409ee9508c6c5e2c74c222d6a5256484c488b1bb3ed6ffc6925415f

    SHA512

    065a2a58b2361f258035350c4a0bb2c7fb91a84d4eb4d177661b5b6b59cb90b40e4c0edff929db790dd7fba642179cb3ed776185c78126fd76309a3567b101d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d0c95bbd6f54c745f14f2640a9caf9f6

    SHA1

    6139e159b37e57abd858325a945bb9be229c5a7c

    SHA256

    3a7b629b13ff0f5d643453fd7a600e0d2095b7a73b5334507f18c6252a7bc1fe

    SHA512

    a870b2053e1457bca64b4d5974daa34051c0525e0ee897df3f939d823b57cfe759fe4e76210bd15b9a971d24f0bb247e78e4214f30452744a368dd2ae043f7d8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    010b1141070d622eb8b67b2f460915d0

    SHA1

    b7dfc60ff91d1eb6bafe00f424b6717c724341fc

    SHA256

    b51ff7fb33ff5408af8da40dd1ea20a2a36ef113bb9e3f4bd32403d1203989b7

    SHA512

    02e6ae5d2bd2fd1a2913306f887490fd151dfa3b00cda8300b2c43e3ef518f8e4f569b895d4a3cd9194c87e2a33fe8c777d600c09b19732abe86905ac22d79af

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    da5fd992807d1993be60c66219251dc8

    SHA1

    23f4c26b9629dc34ecc13f7cc11dd119ec74c6e5

    SHA256

    4b09bebe3ecfa91e392def90aea705f0c50350d37525b150349a7b47fac031d0

    SHA512

    92516e5e033cbe4cdfbd9346d57c6a21a242615eba256cf5714259fbf423c0a2fa19fc0bf51fda5e8d3dfee42acf92e532f2ff5ff05b9427e85fb10bfeba967e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e9f4b14205bb5ceb59ad87dfa24da462

    SHA1

    fb8ef7245e6b555cfc03dc63054c3774c84b9ded

    SHA256

    833df4356c90b1a36bf433fe893536dd86fdeaa101498e421764355463bad9df

    SHA512

    130e71af7388d3203efd7648a3036a9168c8b8ec5c96abae1d764abdf8cea804a1044aaf23c3bc6d6c48e12393e9b3589c9ce84a983cca9bd3a6228a4677e18e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1c76df3a75d7cdc8be9b7c85e175401b

    SHA1

    c6ebf3c476a5fa1e1d85063b72acad3b3a365f2f

    SHA256

    208663f2766a684a21e4d9d278021583d5cab600eb4ae5c03811de112e76c19b

    SHA512

    ca6f4d9484bd997061ff6f27155e52072cd0230367dc567a0d7f5768be1efc233d81df0aade5d8b0c50b521c3b924262fd431ffe404aea5fb7083a23c25f228b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5cb2492a8e45868923eeeb18b2687b9a

    SHA1

    c4867d3dd78b2bb47ae7035fb86a1fddfff3a19c

    SHA256

    5f815a443227599d592ab2ff32563a4e89a007b0c906956b534079ae55026d21

    SHA512

    3da58c852cdbf5d36d37a875f66bccc6b6a1b79f27aab7c3f97578d2e29f07814e771582e96ab5fbe438c9a62d5d6a78b96dceaa791c1572d30d036ff38ca648

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ced3326789d7944027862fb5dbaf2264

    SHA1

    44abbe7d2653dceed3c1087fd0da291c577a3560

    SHA256

    d1fde3f2aea021c1f34e5fd0256b5b86d0fe3043e9b1949de0b78b7d4b9d6be9

    SHA512

    9a0a8ebec8a1a942ce61c81da5db49be5aa83c2656ec781e523e925646a1727b74aa7452da6d78254eb62ad57cfe5b1e3427a7260236ceb8d1475d2cca6e88b3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0d723f9e5a59c312a99ac9630864960f

    SHA1

    ad8faf0ec8cd474b50b7e4d91c838f4eed4a339b

    SHA256

    65a0513d5c6344d98f5c306a5c8ac7ff55fb83ab866791dc0f1b30e7f2961817

    SHA512

    8fea5303235a0916bf7960e7f59050bbccf1d4f7309801acd9bbd05740385432f754bd3025a47949969113a7c7e35880359a4cb0e2e3e6090988c1d30e22c367

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    89c2f4ac62bbec2cbed2be1ba3f50389

    SHA1

    6dac4c52f5374a078f0bef781ce60524b82658af

    SHA256

    5ed26140989223edbd234ebd51b2488d28da506de26e5c6dacfeb2ed5610a1ce

    SHA512

    823a0b5039a1cb3f60bdffba72e1f288f9d8225c6037ba855200c08e13195b4e173ef96c8628fb0bcb102d6ba17ea453b6daa1ad508b1fadca2f40364f97d581

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a0e8650921a792fa25e025600788bc31

    SHA1

    b140cd8e32da53ad8489a3f94e05dbd01926b7a8

    SHA256

    f620be3bec3a20c3d7444e305b8b5cfe29cee91856c945bfb40d66333e1a28f0

    SHA512

    cf00a6c1e1e3565eb76df0738d82a320027a6238217063fae91461dd089f4279fba20e67d503d60b1a4ecba1edc9c94eab83b9525f441f7b64ecdd839398e8b1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c2087d09745fdcdc7924fa88fdc61d2

    SHA1

    89aafb64488c12b5c018f530a4c5baed77ab8351

    SHA256

    1a2c9767238f1a63cd40f5e2796146eb7aaa0d529e84813e3cfeaa6f6de03367

    SHA512

    3e251f3f3e3a8bc725d829fb850f5f12a2dd8d64178c436419e33f89596fd7b86df18a8f08ba8d7d1fe1f3f7448596a25e31a6b8b87b40f43316ca6cd765e1c7

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    75c18187430e393599ac225ce203ff69

    SHA1

    50e38c10ec796ec26ddddb6f70be3646fa0b546f

    SHA256

    c0a7bc8f9278f5825400402bfb82380453afb15d47cf37258d444998cfb84549

    SHA512

    d71516e3663409997c4dbd2f075eabb6fac1533646c32e4e4e1daaf358feaaa91a1dbdf2d7519452cfa8db67f71a3da16c776e8aa2ffbfb82498f3b99db5e6b6

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    1bcc8049112af10ecf38eab9c5493e67

    SHA1

    e5de3157b8a930bdae1bd91668dffdb2709e3df1

    SHA256

    275a81ed8239a9fca61bfa1094df28c6b98f1d17e8313572f0df8fb981c39f26

    SHA512

    b6a9267d840b87aad5f7901df204f87a7e1b1579d65c8982cb38e54c903670c7233afe501fa0b0295cfd2ed2fd5f1715d4659c04c8794517a185cfb0933c9643

  • C:\Users\Admin\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico

    Filesize

    4KB

    MD5

    da597791be3b6e732f0bc8b20e38ee62

    SHA1

    1125c45d285c360542027d7554a5c442288974de

    SHA256

    5b2c34b3c4e8dd898b664dba6c3786e2ff9869eff55d673aa48361f11325ed07

    SHA512

    d8dc8358727590a1ed74dc70356aedc0499552c2dc0cd4f7a01853dd85ceb3aead5fbdc7c75d7da36db6af2448ce5abdff64cebdca3533ecad953c061a9b338e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AMPNVA5U\544727282-postmessagerelay[1].js

    Filesize

    11KB

    MD5

    16f1b19cd042265a234dc208fd7efc64

    SHA1

    02f67c09980ab6057f073d29f4c3f2792257d3a3

    SHA256

    509be2bf36ff013c9a1c31ac54b751aac2401f14496662a16ea8af6903d21b27

    SHA512

    652ce3d209d5d4c1e39f06e41e87a14a3174419b8c9cff8e5683846afb51f9f4939c41fb51a7aee67d9d26db80b370890182ab7df089f826479d3e5e2843566e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXIU5XH1\TQ04WUSD.js

    Filesize

    157B

    MD5

    67e216a27dda24bdcb086c2385b0cb99

    SHA1

    17141c80f5d32bec3691c5ab24741d8b7dd5f0c6

    SHA256

    9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

    SHA512

    802319543dc64cb011bc2684004e878a842b73aa55e4da1141ccb8650cbf42fabbf2b46c730760bbfcc7a140e11700244b9f5da78bafe9fca7ec7825c12b4255

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXIU5XH1\cb=gapi[3].js

    Filesize

    66KB

    MD5

    0fe383a7ddb9bbaefc3105b3297f5583

    SHA1

    f80c9d789f251909c7560bd91a9e1b9a10c26362

    SHA256

    d7ad4aad4e48174c30ef21fc32c9380659d2c99a5c39680e10ed9752139d8683

    SHA512

    31de1f59377bc76e5d602d02273867ce750bbbccb7edc8f2803c0188002ecae6752ac3ec31c2108e64b0d871b01e6a8a06711969dc68bd9823303def0e7c1ee4

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JXIU5XH1\rpc_shindig_random[1].js

    Filesize

    14KB

    MD5

    6a90a8e611705b6e5953757cc549ce8c

    SHA1

    3e7416db7afe4cfdf3980daba308df560b4bede6

    SHA256

    51fdd911dc05b1208911b0123aed6b542e9d9f04c94d7504c63d89ca259ef679

    SHA512

    583636571c015af525cddd5b8dc2ac9964aba5a7a9b0acd3908e4aeb4c2ee74cdfaabe49b0aa13d7b142748542426864e91e88e90d7f73bc647f0bfecb0ff7bd

  • C:\Users\Admin\AppData\Local\Temp\Tar13C5.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.