ad950863763e639d040eb7196a8c1c9cbaccd37849c380da41af82fb21d878a8

Analysis

max time kernel
146s
max time network
151s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 13:48 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1a5b0dded295c0e2954b43ec199ffce6_JaffaCakes118.html
Size

161KB
MD5

1a5b0dded295c0e2954b43ec199ffce6
SHA1

73ee0d5d2b4924728c016bbc4f60425b03c7f17b
SHA256

ad950863763e639d040eb7196a8c1c9cbaccd37849c380da41af82fb21d878a8
SHA512

34d744dbd1d43d07862d3785ed003a9e67e2891a354c21287b9d6d9527823154901a98b54c3d0975d8911261de11608d1bc51f117173b6c40924c85ffdf1c530
SSDEEP

3072:Ldz2pgpQpxpTpnpoxpRpuUcjvG8rMUcXmNRS7wlwEwlaSXSPD1C09VUVb:oGXmNRg

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 36 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007056e142812fde46b5a4d56086abe86500000000020000000000106600000001000020000000e12c8ae34899f99217eaa9d6283bc4e324ded9f6ab38fcf63e82b7f3dae8a589000000000e8000000002000020000000401eaadf6116b681b38980a5e3121fcc4523b322e49b6c884974c7bc810d6ee29000000081799e53aee00332d662596e9fa8eba14fbdc899f52cc90b1ab085d0d7e2038f0154d0169c2190e954544cf90140beff2ff57616e70ccbc2efa695b3e08db35868b906c157fe5ae79a15a5dbc845f292f6ad3018e3843c9eaed5f010161f4959c883291ef80ce196a41475e426dc872e2b050f029d6547bf3ef4aecc26e6c738136a6fb9ddba2b66b8ee9d673a78e2c040000000f7a727190b4d946138184d0fa72f6ef3e41942d907ada0142f8857cc5abd8bd13a9d0ee532cc49edd87c1411b8121962296a3af0516c332c1b5f223ab38f8920	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\GPU	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\InternetRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = b0f745ec61c9da01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "425744370"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IntelliForms	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Zoom	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\IETld\LowMic	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{15A6CD01-3555-11EF-917A-EA263619F6CB} = "0"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000007056e142812fde46b5a4d56086abe86500000000020000000000106600000001000020000000eb0d2fbca34782518e6d2a356e83ffa8ad1d2c4466f86492fc5811327dd93199000000000e8000000002000020000000381d79eda33c05d9577017e978a371fd3e4349d30570d04902b5ad4c5358ab6220000000bf4cce53347e61f56e7b41d4c737e4e37f460486e9e46dcc74478ddafd864b1740000000951b6a0531cfff96273905863460c4747274f7a0a92c870bc6da72aa790354afb4688372fd7be199a38d0d3668cc3a9844fd56f692d50d28d83509dcfb788cc9	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\PageSetup	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2732	iexplore.exe

Suspicious use of SetWindowsHookEx 6 IoCs

pid	Process
2732	iexplore.exe
2732	iexplore.exe
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE
2908	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2732 wrote to memory of 2908	2732	iexplore.exe	28
PID 2732 wrote to memory of 2908	2732	iexplore.exe	28
PID 2732 wrote to memory of 2908	2732	iexplore.exe	28
PID 2732 wrote to memory of 2908	2732	iexplore.exe	28

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1a5b0dded295c0e2954b43ec199ffce6_JaffaCakes118.html
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2732
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:275457 /prefetch:2
  2⤵
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:2908

Network

DNS

www.blogger.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.178.9
DNS

ajax.googleapis.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

172.217.169.74
DNS

apis.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

172.217.16.238
DNS

1.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

1.bp.blogspot.com

IN A

Response

1.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

yourjavascript.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

yourjavascript.com

IN A

Response

yourjavascript.com

IN A

76.223.54.146

yourjavascript.com

IN A

13.248.169.48
DNS

4.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

4.bp.blogspot.com

IN A

Response

4.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

safir85.ucoz.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

safir85.ucoz.com

IN A

Response

safir85.ucoz.com

IN A

193.109.247.16
DNS

2.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

2.bp.blogspot.com

IN A

Response

2.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
DNS

3.bp.blogspot.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.180.1
GET

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

IEXPLORE.EXE

Remote address:

172.217.169.74:80

Request

GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 21:43:34 GMT
Expires: Tue, 24 Jun 2025 21:43:34 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 317090
GET

https://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Fri, 28 Jun 2024 13:48:25 GMT
Expires: Fri, 28 Jun 2024 13:48:25 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "e8a41d6d60c1d068"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 57484
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 17:59:52 GMT
Expires: Tue, 24 Jun 2025 17:59:52 GMT
Cache-Control: public, max-age=31536000
Age: 330513
Last-Modified: Thu, 06 Jun 2024 15:21:04 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_1?le=scs

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 14782
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 22:41:49 GMT
Expires: Tue, 24 Jun 2025 22:41:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 06 Jun 2024 15:21:04 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 313596
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/platform:gapi.iframes.style.common.js

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/navbar.g?targetBlogID=8557606873446166772&blogName=zawlin+template&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://zawlintemplate.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://zawlintemplate.blogspot.com/&vt=-5167728583004535801&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Fri, 28 Jun 2024 13:48:26 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "e748b51de74a3b81"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/navbar.g?targetBlogID=8557606873446166772&blogName=zawlin+template&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://zawlintemplate.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://zawlintemplate.blogspot.com/&vt=-5167728583004535801&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 46436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 17:57:24 GMT
Expires: Tue, 24 Jun 2025 17:57:24 GMT
Cache-Control: public, max-age=31536000
Age: 330662
Last-Modified: Thu, 06 Jun 2024 15:21:04 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://apis.google.com/js/platform.js

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /js/platform.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Fri, 28 Jun 2024 13:48:26 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "261a1f3ba4714b53"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

IEXPLORE.EXE

Remote address:

172.217.16.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 46436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 21:39:37 GMT
Expires: Tue, 24 Jun 2025 21:39:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 06 Jun 2024 15:21:04 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 317329
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://1.bp.blogspot.com/-zyZkki5OJqE/To9Nmf1xb8I/AAAAAAAAEJQ/dlUOxjZ0H5U/s1600/email.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-zyZkki5OJqE/To9Nmf1xb8I/AAAAAAAAEJQ/dlUOxjZ0H5U/s1600/email.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="email.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1115
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 11:49:13 GMT
Expires: Sat, 29 Jun 2024 11:49:13 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 7151
ETag: "v1094"
Content-Type: image/png
Vary: Origin
GET

http://apis.google.com/js/plusone.js

IEXPLORE.EXE

Remote address:

172.217.16.238:80

Request

GET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 21592
Date: Fri, 28 Jun 2024 13:48:24 GMT
Expires: Fri, 28 Jun 2024 13:48:24 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "e8a41d6d60c1d068"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

IEXPLORE.EXE

Remote address:

172.217.169.74:443

Request

GET /ajax/libs/jquery/1.6.1/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32124
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 22:55:29 GMT
Expires: Tue, 24 Jun 2025 22:55:29 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 312776
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://4.bp.blogspot.com/-O6nMA1_akTo/To9NmwKzo4I/AAAAAAAAEJU/UFiFTyAJbnw/s1600/facebook.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-O6nMA1_akTo/To9NmwKzo4I/AAAAAAAAEJU/UFiFTyAJbnw/s1600/facebook.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="facebook.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 955
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 11:22:07 GMT
Expires: Sat, 29 Jun 2024 11:22:07 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 8777
ETag: "v1095"
Content-Type: image/png
Vary: Origin
GET

http://4.bp.blogspot.com/-Sxb2nNGiLn0/UVRwriC4P4I/AAAAAAAAGZQ/_Du0clGJo8A/s1600/background1.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-Sxb2nNGiLn0/UVRwriC4P4I/AAAAAAAAGZQ/_Du0clGJo8A/s1600/background1.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v1995"
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="background1.png"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:26 GMT
Server: fife
Content-Length: 34392
X-XSS-Protection: 0
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8557606873446166772&zx=a88cb663-0856-4105-97ae-0b29b74d346f

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /dyn-css/authorization.css?targetBlogID=8557606873446166772&zx=a88cb663-0856-4105-97ae-0b29b74d346f HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 28 Jun 2024 13:48:25 GMT
Last-Modified: Fri, 28 Jun 2024 13:48:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/navbar.g?targetBlogID=8557606873446166772&blogName=zawlin+template&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://zawlintemplate.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://zawlintemplate.blogspot.com/&vt=-5167728583004535801&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /navbar.g?targetBlogID=8557606873446166772&blogName=zawlin+template&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://zawlintemplate.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://zawlintemplate.blogspot.com/&vt=-5167728583004535801&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 28 Jun 2024 13:48:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/static/v1/widgets/204402360-widget_css_bundle.css

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/widgets/204402360-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6824
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 27 Jun 2024 03:13:37 GMT
Expires: Fri, 27 Jun 2025 03:13:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 09 Sep 2021 01:51:04 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 124488
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

http://1.bp.blogspot.com/-SLbNOLbWhs0/To9NoZ-cOHI/AAAAAAAAEJg/uRl444L2fyg/s1600/rss.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-SLbNOLbWhs0/To9NoZ-cOHI/AAAAAAAAEJg/uRl444L2fyg/s1600/rss.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rss.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1517
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 11:22:07 GMT
Expires: Sat, 29 Jun 2024 11:22:07 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 8777
ETag: "v1098"
Content-Type: image/png
Vary: Origin
GET

http://1.bp.blogspot.com/-kXo9IIXZXXU/UVRw6S-XcaI/AAAAAAAAGbA/GM69fjKCN3k/s1600/search.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-kXo9IIXZXXU/UVRw6S-XcaI/AAAAAAAAGbA/GM69fjKCN3k/s1600/search.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 621
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19b1"
Content-Type: image/png
Vary: Origin
Age: 0
GET

http://safir85.ucoz.com/24work-blogspot/page-navigation/0-test-p-n-01_00.js

IEXPLORE.EXE

Remote address:

193.109.247.16:80

Request

GET /24work-blogspot/page-navigation/0-test-p-n-01_00.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: safir85.ucoz.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Server: nginx/1.8.0
Date: Fri, 28 Jun 2024 13:48:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Content-Encoding: gzip
GET

https://www.blogger.com/static/v1/widgets/745028019-widgets.js

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /static/v1/widgets/745028019-widgets.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 55002
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 27 Jun 2024 03:13:37 GMT
Expires: Fri, 27 Jun 2025 03:13:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 09 Sep 2021 01:51:04 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 124488
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET

https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__ HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Fri, 28 Jun 2024 13:48:26 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1

IEXPLORE.EXE

Remote address:

142.250.178.9:443

Request

GET /followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 28 Jun 2024 13:48:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
GET

http://1.bp.blogspot.com/-_Q4kJjh7zmw/UbLYsi2HDkI/AAAAAAAAAII/znrVwk0zcsE/s72-c/zawlin.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-_Q4kJjh7zmw/UbLYsi2HDkI/AAAAAAAAAII/znrVwk0zcsE/s72-c/zawlin.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v303"
Expires: Sat, 29 Jun 2024 13:48:24 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="zawlin.jpg"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:24 GMT
Server: fife
Content-Length: 4074
X-XSS-Protection: 0
GET

http://1.bp.blogspot.com/-aoILmD0-rEw/UVRwyZL5ErI/AAAAAAAAGZo/vwYxT7Qp47A/s1600/container-bg.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-aoILmD0-rEw/UVRwyZL5ErI/AAAAAAAAGZo/vwYxT7Qp47A/s1600/container-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="container-bg.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 28149
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v199b"
Content-Type: image/png
Vary: Origin
Age: 0
GET

http://4.bp.blogspot.com/-1MXcky_Zmso/URKrcOZSLVI/AAAAAAAAADU/AMYvMle5IMc/s72-c/IMG_0010.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-1MXcky_Zmso/URKrcOZSLVI/AAAAAAAAADU/AMYvMle5IMc/s72-c/IMG_0010.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vdae"
Expires: Sat, 29 Jun 2024 13:48:25 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0010.jpg"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:25 GMT
Server: fife
Content-Length: 3510
X-XSS-Protection: 0
GET

http://4.bp.blogspot.com/-btiWXOvt8uA/UVRw38BMdfI/AAAAAAAAGac/CTFsj-SClCs/s1600/background2.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-btiWXOvt8uA/UVRw38BMdfI/AAAAAAAAGac/CTFsj-SClCs/s1600/background2.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v19a9"
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="background2.png"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:26 GMT
Server: fife
Content-Length: 348119
X-XSS-Protection: 0
GET

http://yourjavascript.com/20341544131/fontchanger-techinblogging.js

IEXPLORE.EXE

Remote address:

76.223.54.146:80

Request

GET /20341544131/fontchanger-techinblogging.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: yourjavascript.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Server: openresty
Date: Fri, 28 Jun 2024 13:48:24 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://2.bp.blogspot.com/-LL6Jk4saZTU/UNRMQI0jlaI/AAAAAAAAACo/_nYT7VejkUg/s72-c/mxcpDigiDNA%252BDiskAid.jpeg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-LL6Jk4saZTU/UNRMQI0jlaI/AAAAAAAAACo/_nYT7VejkUg/s72-c/mxcpDigiDNA%252BDiskAid.jpeg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v303"
Expires: Sat, 29 Jun 2024 13:48:25 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mxcpDigiDNA+DiskAid.jpeg"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:25 GMT
Server: fife
Content-Length: 3315
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-v37ujelyoY8/UQjMACOHlWI/AAAAAAAAAE8/8f6c89VtRQ4/s72-c/i8lidDYIxmFqE%5B1%5D.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-v37ujelyoY8/UQjMACOHlWI/AAAAAAAAAE8/8f6c89VtRQ4/s72-c/i8lidDYIxmFqE%5B1%5D.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v303"
Expires: Sat, 29 Jun 2024 13:48:25 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="i8lidDYIxmFqE[1].png"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:25 GMT
Server: fife
Content-Length: 12950
X-XSS-Protection: 0
GET

http://2.bp.blogspot.com/-vMGk4QknV5A/Tw0--89TczI/AAAAAAAABJA/O21z_-ybUJs/s1600/nav.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-vMGk4QknV5A/Tw0--89TczI/AAAAAAAABJA/O21z_-ybUJs/s1600/nav.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="nav.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 431
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v490"
Content-Type: image/jpeg
Vary: Origin
Age: 0
GET

http://3.bp.blogspot.com/-vRmwbjmYg7M/UQtw3eYOIOI/AAAAAAAAAFU/oGJUt20sksY/s72-c/mxcpFREE.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-vRmwbjmYg7M/UQtw3eYOIOI/AAAAAAAAAFU/oGJUt20sksY/s72-c/mxcpFREE.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v303"
Expires: Sat, 29 Jun 2024 13:48:25 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="mxcpFREE.png"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:25 GMT
Server: fife
Content-Length: 7107
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-igGpv60wf-k/UVRw5Ty6WUI/AAAAAAAAGa0/DgaO45Akmjs/s1600/menu-secondary-bg.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-igGpv60wf-k/UVRw5Ty6WUI/AAAAAAAAGa0/DgaO45Akmjs/s1600/menu-secondary-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="menu-secondary-bg.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 22877
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:48:26 GMT
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19af"
Content-Type: image/png
Vary: Origin
Age: 0
GET

http://3.bp.blogspot.com/-PAuIj0wKsQ4/UQuI5gL2UtI/AAAAAAAAACc/CvPLwMaV5dc/s72-c/cheaps-notebook1_01.jpg

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-PAuIj0wKsQ4/UQuI5gL2UtI/AAAAAAAAACc/CvPLwMaV5dc/s72-c/cheaps-notebook1_01.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v27"
Expires: Sat, 29 Jun 2024 13:48:25 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cheaps-notebook1_01.jpg"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:25 GMT
Server: fife
Content-Length: 2777
X-XSS-Protection: 0
GET

http://3.bp.blogspot.com/-DZ5Qz-Dfil8/UVRw68adveI/AAAAAAAAGbI/GLf5ZfZg3-A/s1600/widget-list.png

IEXPLORE.EXE

Remote address:

142.250.180.1:80

Request

GET /-DZ5Qz-Dfil8/UVRw68adveI/AAAAAAAAGbI/GLf5ZfZg3-A/s1600/widget-list.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v19b3"
Expires: Sat, 29 Jun 2024 13:48:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="widget-list.png"
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:26 GMT
Server: fife
Content-Length: 225
X-XSS-Protection: 0
GET

http://fonts.googleapis.com/css?family=PT+Sans

IEXPLORE.EXE

Remote address:

216.58.204.74:80

Request

GET /css?family=PT+Sans HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 28 Jun 2024 13:48:24 GMT
Date: Fri, 28 Jun 2024 13:48:24 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

IEXPLORE.EXE

Remote address:

172.217.169.74:80

Request

GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Jun 2024 21:39:23 GMT
Expires: Tue, 24 Jun 2025 21:39:23 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 317341
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

c.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

c.pki.goog

IN A

Response

c.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
GET

http://c.pki.goog/r/r1.crl

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:24:16 GMT
Expires: Fri, 28 Jun 2024 14:14:16 GMT
Cache-Control: public, max-age=3000
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
Age: 1449
GET

http://c.pki.goog/r/r1.crl

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:24:16 GMT
Expires: Fri, 28 Jun 2024 14:14:16 GMT
Cache-Control: public, max-age=3000
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
Age: 1449
GET

http://c.pki.goog/r/r1.crl

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:24:16 GMT
Expires: Fri, 28 Jun 2024 14:14:16 GMT
Cache-Control: public, max-age=3000
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
Age: 1449
GET

http://c.pki.goog/r/r1.crl

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:24:16 GMT
Expires: Fri, 28 Jun 2024 14:14:16 GMT
Cache-Control: public, max-age=3000
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
Age: 1449
GET

http://c.pki.goog/r/r1.crl

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 28 Jun 2024 13:24:16 GMT
Expires: Fri, 28 Jun 2024 14:14:16 GMT
Cache-Control: public, max-age=3000
Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
Age: 1449
DNS

o.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

o.pki.goog

IN A

Response

o.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

o.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

o.pki.goog

IN A

Response

o.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

o.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

o.pki.goog

IN A

Response

o.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

o.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

o.pki.goog

IN A

Response

o.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
DNS

o.pki.goog

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

o.pki.goog

IN A

Response

o.pki.goog

IN CNAME

pki-goog.l.google.com

pki-goog.l.google.com

IN A

172.217.169.67
GET

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:26:18 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1327
GET

http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:09:21 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 2345
GET

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:20:49 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1656
GET

http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:09:21 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 2345
GET

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:20:49 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1656
GET

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:47:19 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 69
GET

http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEBawZ2bYspQENrtZBHIEQQ%3D

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEBawZ2bYspQENrtZBHIEQQ%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:15:17 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1988
GET

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:47:19 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 69
GET

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

IEXPLORE.EXE

Remote address:

172.217.169.67:80

Request

GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog

Response

HTTP/1.1 200 OK

Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 28 Jun 2024 13:20:49 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1656
GET

http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KEww.woff

IEXPLORE.EXE

Remote address:

216.58.201.99:80

Request

GET /s/ptsans/v17/jizaRExUiTo99u79D0KEww.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: font/woff
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 55360
Date: Fri, 28 Jun 2024 13:48:25 GMT
Expires: Sat, 28 Jun 2025 13:48:25 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:11:08 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
DNS

www.facebook.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

163.70.147.35
GET

http://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

IEXPLORE.EXE

Remote address:

163.70.147.35:80

Request

GET /plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 28 Jun 2024 13:48:26 GMT
Connection: keep-alive
Content-Length: 0
GET

http://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

IEXPLORE.EXE

Remote address:

163.70.147.35:80

Request

GET /plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Location: https://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 28 Jun 2024 13:48:26 GMT
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

IEXPLORE.EXE

Remote address:

163.70.147.35:443

Request

GET /plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385550627028014932"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385550627028014932"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: AfdTq/CbH6qmfQd3dnEquf3F1J57MRfwG8RKFyPYqWsDubFG+63wKfUftonroSDlxiFkZZyf4yga8ae4O6OT6w==
Date: Fri, 28 Jun 2024 13:48:26 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=40, rtx=1, c=10, mss=1357, tbw=3224, tp=-1, tpl=-1, uplat=21, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
GET

https://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

IEXPLORE.EXE

Remote address:

163.70.147.35:443

Request

GET /plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive

Response

HTTP/1.1 200 OK

Content-Type: text/html;charset=utf-8
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385550627955484870"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385550627955484870"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: dGt+M59Vm9D6pa9CVYAuiolUJh14xdObSvANiyKZ4nQBMPxzMtnLvKZgyTr+xKmPHCKf2eGHpVaJF74L7pB7pg==
Date: Fri, 28 Jun 2024 13:48:26 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=39, rtx=1, c=10, mss=1357, tbw=3225, tp=-1, tpl=-1, uplat=16, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
DNS

accounts.google.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

209.85.203.84
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&go=true

IEXPLORE.EXE

Remote address:

209.85.203.84:443

Request

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Content-Type: application/binary
Set-Cookie: __Host-GAPS=1:Gbm_YADltu5UCu9-IeolmbsBLBDMjg:wnBvdqHnTpo27yE2; Expires=Sun, 28-Jun-2026 13:48:26 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 28 Jun 2024 13:48:26 GMT
Location: https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: script-src 'nonce-9oAiT0xj26NAMaMTiGKqyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Cross-Origin-Opener-Policy: unsafe-none
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Resource-Policy: cross-origin
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

lh3.googleusercontent.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

lh3.googleusercontent.com

IN A

Response

lh3.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

172.217.16.225
DNS

lh3.googleusercontent.com

IEXPLORE.EXE

Remote address:

8.8.8.8:53

Request

lh3.googleusercontent.com

IN A
GET

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tqoWqdyyPYRuTcCkbjNqb5DotKar_zq-6hm6Ry0O3In3zG3O2wi36x6wRHHAsZlt9ovlgt8tSIBQXaSfLSarrsN7JeYTtRvYa28wunXP-5SjaVZrqEeHrFCFl2fW0ETCeKwzkWFnjEG6UEtkZ4AVB-l8T22DuukEOzNJMTxRRdAUmJYxE94Sdmrai5ABbV03xy8Uwzp3EAMjHeNkBf44FYlgRo-wI9cCvvT6F6e-KfGpBvTZ3NzGby03Gu81Xra3sdacnlQC5C1Mu5vYtNt1wzjWhmTfL4gsnVvp0q8q_wx6f5JHv6-5vw4uAj9Q=s45-c

IEXPLORE.EXE

Remote address:

172.217.16.225:443

Request

GET /blogger_img_proxy/AEn0k_tqoWqdyyPYRuTcCkbjNqb5DotKar_zq-6hm6Ry0O3In3zG3O2wi36x6wRHHAsZlt9ovlgt8tSIBQXaSfLSarrsN7JeYTtRvYa28wunXP-5SjaVZrqEeHrFCFl2fW0ETCeKwzkWFnjEG6UEtkZ4AVB-l8T22DuukEOzNJMTxRRdAUmJYxE94Sdmrai5ABbV03xy8Uwzp3EAMjHeNkBf44FYlgRo-wI9cCvvT6F6e-KfGpBvTZ3NzGby03Gu81Xra3sdacnlQC5C1Mu5vYtNt1wzjWhmTfL4gsnVvp0q8q_wx6f5JHv6-5vw4uAj9Q=s45-c HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: lh3.googleusercontent.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Fri, 28 Jun 2024 13:48:28 GMT
Server: fife
Content-Length: 1907
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.23.9.218
DNS

www.microsoft.com

iexplore.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

2.23.9.218

172.217.169.74:80

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

http

IEXPLORE.EXE

1.1kB
32.0kB
18
26

HTTP Request

GET http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

HTTP Response

200
172.217.16.238:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

tls, http

IEXPLORE.EXE

10.9kB
254.2kB
126
195

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_1?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/js/platform:gapi.iframes.style.common.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

HTTP Response

200

HTTP Request

GET https://apis.google.com/js/platform.js

HTTP Response

200

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs

HTTP Response

200
142.250.180.1:80

http://1.bp.blogspot.com/-zyZkki5OJqE/To9Nmf1xb8I/AAAAAAAAEJQ/dlUOxjZ0H5U/s1600/email.png

http

IEXPLORE.EXE

605 B
1.8kB
6
5

HTTP Request

GET http://1.bp.blogspot.com/-zyZkki5OJqE/To9Nmf1xb8I/AAAAAAAAEJQ/dlUOxjZ0H5U/s1600/email.png

HTTP Response

200
172.217.16.238:80

http://apis.google.com/js/plusone.js

http

IEXPLORE.EXE

949 B
23.2kB
15
20

HTTP Request

GET http://apis.google.com/js/plusone.js

HTTP Response

200
172.217.169.74:443

https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

tls, http

IEXPLORE.EXE

1.7kB
39.7kB
23
33

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

HTTP Response

200
142.250.180.1:80

http://4.bp.blogspot.com/-Sxb2nNGiLn0/UVRwriC4P4I/AAAAAAAAGZQ/_Du0clGJo8A/s1600/background1.png

http

IEXPLORE.EXE

1.6kB
37.5kB
21
32

HTTP Request

GET http://4.bp.blogspot.com/-O6nMA1_akTo/To9NmwKzo4I/AAAAAAAAEJU/UFiFTyAJbnw/s1600/facebook.png

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-Sxb2nNGiLn0/UVRwriC4P4I/AAAAAAAAGZQ/_Du0clGJo8A/s1600/background1.png

HTTP Response

200
142.250.178.9:443

https://www.blogger.com/navbar.g?targetBlogID=8557606873446166772&blogName=zawlin+template&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://zawlintemplate.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://zawlintemplate.blogspot.com/&vt=-5167728583004535801&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__

tls, http

IEXPLORE.EXE

2.1kB
10.2kB
16
18

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8557606873446166772&zx=a88cb663-0856-4105-97ae-0b29b74d346f

HTTP Response

200

HTTP Request

GET https://www.blogger.com/navbar.g?targetBlogID=8557606873446166772&blogName=zawlin+template&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://zawlintemplate.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://zawlintemplate.blogspot.com/&vt=-5167728583004535801&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__

HTTP Response

200
142.250.178.9:443

https://www.blogger.com/static/v1/widgets/204402360-widget_css_bundle.css

tls, http

IEXPLORE.EXE

1.2kB
12.4kB
13
14

HTTP Request

GET https://www.blogger.com/static/v1/widgets/204402360-widget_css_bundle.css

HTTP Response

200
142.250.180.1:80

http://1.bp.blogspot.com/-kXo9IIXZXXU/UVRw6S-XcaI/AAAAAAAAGbA/GM69fjKCN3k/s1600/search.png

http

IEXPLORE.EXE

1.0kB
3.3kB
8
7

HTTP Request

GET http://1.bp.blogspot.com/-SLbNOLbWhs0/To9NoZ-cOHI/AAAAAAAAEJg/uRl444L2fyg/s1600/rss.png

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-kXo9IIXZXXU/UVRw6S-XcaI/AAAAAAAAGbA/GM69fjKCN3k/s1600/search.png

HTTP Response

200
193.109.247.16:80

http://safir85.ucoz.com/24work-blogspot/page-navigation/0-test-p-n-01_00.js

http

IEXPLORE.EXE

574 B
3.1kB
6
5

HTTP Request

GET http://safir85.ucoz.com/24work-blogspot/page-navigation/0-test-p-n-01_00.js

HTTP Response

404
193.109.247.16:80

safir85.ucoz.com

IEXPLORE.EXE

466 B
92 B
10
2
142.250.178.9:443

https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1

tls, http

IEXPLORE.EXE

3.6kB
69.0kB
37
60

HTTP Request

GET https://www.blogger.com/static/v1/widgets/745028019-widgets.js

HTTP Response

200

HTTP Request

GET https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.IKZeRvoAYNY.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw%2Fm%3D__features__

HTTP Response

302

HTTP Request

GET https://www.blogger.com/followers.g?blogID=8557606873446166772&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://zawlintemplate.blogspot.com/&usegapi=1&jsh=m;/_/scs/abc-static/_/js/k%3Dgapi.lb.en.IKZeRvoAYNY.O/am%3DAAAQ/d%3D1/rs%3DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%3D__features__&bpli=1

HTTP Response

200
172.217.16.238:80

apis.google.com

IEXPLORE.EXE

190 B
92 B
4
2
142.250.180.1:80

http://1.bp.blogspot.com/-aoILmD0-rEw/UVRwyZL5ErI/AAAAAAAAGZo/vwYxT7Qp47A/s1600/container-bg.png

http

IEXPLORE.EXE

1.5kB
34.3kB
19
30

HTTP Request

GET http://1.bp.blogspot.com/-_Q4kJjh7zmw/UbLYsi2HDkI/AAAAAAAAAII/znrVwk0zcsE/s72-c/zawlin.jpg

HTTP Response

200

HTTP Request

GET http://1.bp.blogspot.com/-aoILmD0-rEw/UVRwyZL5ErI/AAAAAAAAGZo/vwYxT7Qp47A/s1600/container-bg.png

HTTP Response

200
76.223.54.146:80

yourjavascript.com

IEXPLORE.EXE

190 B
132 B
4
3
142.250.180.1:80

http://4.bp.blogspot.com/-btiWXOvt8uA/UVRw38BMdfI/AAAAAAAAGac/CTFsj-SClCs/s1600/background2.png

http

IEXPLORE.EXE

7.0kB
363.2kB
138
267

HTTP Request

GET http://4.bp.blogspot.com/-1MXcky_Zmso/URKrcOZSLVI/AAAAAAAAADU/AMYvMle5IMc/s72-c/IMG_0010.jpg

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/-btiWXOvt8uA/UVRw38BMdfI/AAAAAAAAGac/CTFsj-SClCs/s1600/background2.png

HTTP Response

200
76.223.54.146:80

http://yourjavascript.com/20341544131/fontchanger-techinblogging.js

http

IEXPLORE.EXE

566 B
471 B
6
5

HTTP Request

GET http://yourjavascript.com/20341544131/fontchanger-techinblogging.js

HTTP Response

200
142.250.180.1:80

http://2.bp.blogspot.com/-LL6Jk4saZTU/UNRMQI0jlaI/AAAAAAAAACo/_nYT7VejkUg/s72-c/mxcpDigiDNA%252BDiskAid.jpeg

http

IEXPLORE.EXE

670 B
4.0kB
7
6

HTTP Request

GET http://2.bp.blogspot.com/-LL6Jk4saZTU/UNRMQI0jlaI/AAAAAAAAACo/_nYT7VejkUg/s72-c/mxcpDigiDNA%252BDiskAid.jpeg

HTTP Response

200
142.250.180.1:80

http://2.bp.blogspot.com/-vMGk4QknV5A/Tw0--89TczI/AAAAAAAABJA/O21z_-ybUJs/s1600/nav.jpg

http

IEXPLORE.EXE

1.3kB
14.9kB
13
15

HTTP Request

GET http://2.bp.blogspot.com/-v37ujelyoY8/UQjMACOHlWI/AAAAAAAAAE8/8f6c89VtRQ4/s72-c/i8lidDYIxmFqE%5B1%5D.png

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-vMGk4QknV5A/Tw0--89TczI/AAAAAAAABJA/O21z_-ybUJs/s1600/nav.jpg

HTTP Response

200
142.250.180.1:80

http://3.bp.blogspot.com/-igGpv60wf-k/UVRw5Ty6WUI/AAAAAAAAGa0/DgaO45Akmjs/s1600/menu-secondary-bg.png

http

IEXPLORE.EXE

1.5kB
32.0kB
18
28

HTTP Request

GET http://3.bp.blogspot.com/-vRmwbjmYg7M/UQtw3eYOIOI/AAAAAAAAAFU/oGJUt20sksY/s72-c/mxcpFREE.png

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-igGpv60wf-k/UVRw5Ty6WUI/AAAAAAAAGa0/DgaO45Akmjs/s1600/menu-secondary-bg.png

HTTP Response

200
142.250.180.1:80

http://3.bp.blogspot.com/-DZ5Qz-Dfil8/UVRw68adveI/AAAAAAAAGbI/GLf5ZfZg3-A/s1600/widget-list.png

http

IEXPLORE.EXE

1.1kB
4.2kB
9
8

HTTP Request

GET http://3.bp.blogspot.com/-PAuIj0wKsQ4/UQuI5gL2UtI/AAAAAAAAACc/CvPLwMaV5dc/s72-c/cheaps-notebook1_01.jpg

HTTP Response

200

HTTP Request

GET http://3.bp.blogspot.com/-DZ5Qz-Dfil8/UVRw68adveI/AAAAAAAAGbI/GLf5ZfZg3-A/s1600/widget-list.png

HTTP Response

200
216.58.204.74:80

http://fonts.googleapis.com/css?family=PT+Sans

http

IEXPLORE.EXE

525 B
876 B
6
5

HTTP Request

GET http://fonts.googleapis.com/css?family=PT+Sans

HTTP Response

200
172.217.169.74:80

http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

http

IEXPLORE.EXE

1.2kB
35.7kB
19
29

HTTP Request

GET http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

HTTP Response

200
216.58.204.74:80

fonts.googleapis.com

IEXPLORE.EXE

190 B
92 B
4
2
172.217.169.67:80

http://c.pki.goog/r/r1.crl

http

IEXPLORE.EXE

348 B
1.7kB
5
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

200
172.217.169.67:80

http://c.pki.goog/r/r1.crl

http

IEXPLORE.EXE

348 B
1.7kB
5
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

200
172.217.169.67:80

http://c.pki.goog/r/r1.crl

http

IEXPLORE.EXE

348 B
1.7kB
5
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

200
172.217.169.67:80

http://c.pki.goog/r/r1.crl

http

IEXPLORE.EXE

348 B
1.7kB
5
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

200
172.217.169.67:80

http://c.pki.goog/r/r1.crl

http

IEXPLORE.EXE

348 B
1.7kB
5
4

HTTP Request

GET http://c.pki.goog/r/r1.crl

HTTP Response

200
172.217.169.67:80

http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D

http

IEXPLORE.EXE

890 B
3.1kB
9
6

HTTP Request

GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU

HTTP Response

200

HTTP Request

GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D

HTTP Response

200
172.217.169.67:80

http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D

http

IEXPLORE.EXE

886 B
3.1kB
9
6

HTTP Request

GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

HTTP Response

200

HTTP Request

GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEC8OKiTXs1pgCYoA3mbu4DE%3D

HTTP Response

200
172.217.169.67:80

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt

http

IEXPLORE.EXE

886 B
3.1kB
9
6

HTTP Request

GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

HTTP Response

200

HTTP Request

GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt

HTTP Response

200
172.217.169.67:80

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt

http

IEXPLORE.EXE

888 B
3.1kB
9
6

HTTP Request

GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEBawZ2bYspQENrtZBHIEQQ%3D

HTTP Response

200

HTTP Request

GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD3beG9%2FyAiiwlbAUunjQwt

HTTP Response

200
172.217.169.67:80

http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

http

IEXPLORE.EXE

514 B
1.6kB
6
4

HTTP Request

GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDsN12HOo9iyQpCccWmX3l9

HTTP Response

200
216.58.201.99:80

http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KEww.woff

http

IEXPLORE.EXE

1.5kB
57.9kB
27
45

HTTP Request

GET http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KEww.woff

HTTP Response

200
216.58.201.99:80

fonts.gstatic.com

IEXPLORE.EXE

190 B
92 B
4
2
163.70.147.35:80

http://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

http

IEXPLORE.EXE

701 B
856 B
7
5

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

HTTP Response

301
163.70.147.35:80

http://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

http

IEXPLORE.EXE

707 B
868 B
7
5

HTTP Request

GET http://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

HTTP Response

301
163.70.147.35:443

https://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

tls, http

IEXPLORE.EXE

1.3kB
7.1kB
13
12

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=Fanpage%20URL%20Link&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

HTTP Response

200
163.70.147.35:443

https://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

tls, http

IEXPLORE.EXE

1.3kB
7.1kB
13
12

HTTP Request

GET https://www.facebook.com/plugins/like.php?href=TechInBlogging&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

HTTP Response

200
209.85.203.84:443

accounts.google.com

tls

IEXPLORE.EXE

704 B
4.5kB
9
8
209.85.203.84:443

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&go=true

tls, http

IEXPLORE.EXE

2.0kB
6.4kB
10
11

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8557606873446166772%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://zawlintemplate.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.IKZeRvoAYNY.O/am%253DAAAQ/d%253D1/rs%253DAHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/m%253D__features__%26bpli%3D1&go=true

HTTP Response

302
172.217.16.225:443

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tqoWqdyyPYRuTcCkbjNqb5DotKar_zq-6hm6Ry0O3In3zG3O2wi36x6wRHHAsZlt9ovlgt8tSIBQXaSfLSarrsN7JeYTtRvYa28wunXP-5SjaVZrqEeHrFCFl2fW0ETCeKwzkWFnjEG6UEtkZ4AVB-l8T22DuukEOzNJMTxRRdAUmJYxE94Sdmrai5ABbV03xy8Uwzp3EAMjHeNkBf44FYlgRo-wI9cCvvT6F6e-KfGpBvTZ3NzGby03Gu81Xra3sdacnlQC5C1Mu5vYtNt1wzjWhmTfL4gsnVvp0q8q_wx6f5JHv6-5vw4uAj9Q=s45-c

tls, http

IEXPLORE.EXE

1.9kB
12.0kB
11
14

HTTP Request

GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tqoWqdyyPYRuTcCkbjNqb5DotKar_zq-6hm6Ry0O3In3zG3O2wi36x6wRHHAsZlt9ovlgt8tSIBQXaSfLSarrsN7JeYTtRvYa28wunXP-5SjaVZrqEeHrFCFl2fW0ETCeKwzkWFnjEG6UEtkZ4AVB-l8T22DuukEOzNJMTxRRdAUmJYxE94Sdmrai5ABbV03xy8Uwzp3EAMjHeNkBf44FYlgRo-wI9cCvvT6F6e-KfGpBvTZ3NzGby03Gu81Xra3sdacnlQC5C1Mu5vYtNt1wzjWhmTfL4gsnVvp0q8q_wx6f5JHv6-5vw4uAj9Q=s45-c

HTTP Response

404
172.217.16.225:443

lh3.googleusercontent.com

tls

IEXPLORE.EXE

756 B
9.6kB
10
11
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.7kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

747 B
7.7kB
9
12
204.79.197.200:443

ieonline.microsoft.com

tls

iexplore.exe

779 B
7.7kB
9
12

8.8.8.8:53

www.blogger.com

dns

IEXPLORE.EXE

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.178.9
8.8.8.8:53

ajax.googleapis.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

172.217.169.74
8.8.8.8:53

apis.google.com

dns

IEXPLORE.EXE

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

172.217.16.238
8.8.8.8:53

1.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

1.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

yourjavascript.com

dns

IEXPLORE.EXE

64 B
96 B
1
1

DNS Request

yourjavascript.com

DNS Response

76.223.54.146

13.248.169.48
8.8.8.8:53

4.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

4.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

safir85.ucoz.com

dns

IEXPLORE.EXE

62 B
78 B
1
1

DNS Request

safir85.ucoz.com

DNS Response

193.109.247.16
8.8.8.8:53

2.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

2.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

3.bp.blogspot.com

dns

IEXPLORE.EXE

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

142.250.180.1
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

c.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

c.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

o.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

o.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

o.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

o.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

o.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

o.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

o.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

o.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

o.pki.goog

dns

IEXPLORE.EXE

56 B
107 B
1
1

DNS Request

o.pki.goog

DNS Response

172.217.169.67
8.8.8.8:53

www.facebook.com

dns

IEXPLORE.EXE

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

163.70.147.35
8.8.8.8:53

accounts.google.com

dns

IEXPLORE.EXE

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

209.85.203.84
8.8.8.8:53

lh3.googleusercontent.com

dns

IEXPLORE.EXE

142 B
116 B
2
1

DNS Request

lh3.googleusercontent.com

DNS Request

lh3.googleusercontent.com

DNS Response

172.217.16.225
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.23.9.218
8.8.8.8:53

www.microsoft.com

dns

iexplore.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

2.23.9.218

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

Filesize
854B

MD5
8d1040b12a663ca4ec7277cfc1ce44f0

SHA1
b27fd6bbde79ebdaee158211a71493e21838756b

SHA256
3086094d4198a5bbd12938b0d2d5f696c4dfc77e1eae820added346a59aa8727

SHA512
610c72970856ef7a316152253f7025ac11635078f1aea7b84641715813792374d2447b1002f1967d62b24073ee291b3e4f3da777b71216a30488a5d7b6103ac1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
897068464f17087abb616f6b0477d80d

SHA1
bcdbaf5b2622d347013f80f16a5ee98714e26915

SHA256
e24895c78bb9f417a792c478e366a5aef4b50478d205ac36878a58bd72a04ba3

SHA512
3c2c4692c4229befd8e439eb1ea51f61c36a7425661162cb973ad27d531a87a0b1dfc2cc9a5e2cf74f8b83340e0a1c8d37996c208dd4fdd2c6330356218dfe3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
914B

MD5
e4a68ac854ac5242460afd72481b2a44

SHA1
df3c24f9bfd666761b268073fe06d1cc8d4f82a4

SHA256
cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

SHA512
5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

Filesize
252B

MD5
1ce3338c7dce687c539bef853c53c068

SHA1
46894cbb82e75ab7e359320f7e547453ed403a6b

SHA256
2f3d7b6817e8e454df9e9689492f702e8eadc46a06c60cdfb127b4dd0c7f88a0

SHA512
da7d6bfa41950b7d2d0394caeb64111dfc63c5b8d2f437013e7933cce35bc57a64cfe3987e4a3f9671ce1ed57860039308340df1cc831d51dbf6b1b689d19b2f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
29563b70c170aefcbcc3747107cc0e80

SHA1
2ee86af2d1b34ec826c013c10a261fc9444ebf5e

SHA256
0e0d1478dcc6d3f4b0b9d659537d97a2dff76d0ff9f53508aaea82cd495fe833

SHA512
bbf21f0f9ee06963d33c4eec35bd9d7c31a27ff96261c23899371be0a632f97c7a20db922f4142645ee93e1e658ff2908345136fe036e28c0002c22dca5a70c2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d4b4bf298d3f9143927b3db8ba0d3b01

SHA1
8780a75c5f3b1f9f6dc07812388fb78566a52319

SHA256
ad8da88065ebfa3cc2b02da7e6f82eae31d840890e80a253be081d264ce90d0a

SHA512
ec5dca2ebff30a43fd82cf31de34f7cfc365439c4a0240ced2abde7aa3301d1ea983ed02f82288b43e42fdd02bb2191dd8dbc1634ad51ea196dd8b9671c1e62d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
17cf66bc8bd2cc0d3e44fe8de00c8605

SHA1
c3139a1ed8912d7d2f2ae5be9494c9332cf9e2ec

SHA256
585b15ce18da6de35e59e0ccfdb1dc9d17452515da06ed09ce39cf11cb870992

SHA512
b7e90c3d71b10f4c953319d29f195f86282d6ba23ea0e45bf1f9b3193b62072b7e6cabde1882bc65909334ce2be53db0a1100d97d3efd9fb70ffbaaa6d19c562

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
614fc822257d6fcbd9477e1f37d367d6

SHA1
ac216f48868a6cc90f73d070230f6e67db6568eb

SHA256
671f11a0d58e6ab622ced13a3be010d029ebad82efda2a78aedd475b5b3e344a

SHA512
5dd9bff58b0b79798137cd168e4123f8fcbc949d73e8bb45b9526a9c552505769f8a8acada7bc8c8d581dc62816c22117844a99651a8b5bb7e1b473e0854a0ab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
851aeee07f15c27413bff7991b89d653

SHA1
b59b836fc02e089499e62db7b4de42bff1034f12

SHA256
e3580cefbe61888308e6cc4ca0196411c23191d3c65eea47affc7dbd9ade9bcf

SHA512
d0c90a759385b3ee9fdb2a0a337a9b65d4a356739cd5c1baea8fa86e53af70b7643a81a7b1b93c4d641bd1da507f18d153774941cfe00ffafc52af65bad01ac0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
e5aa194408c7559c509cf0110077d6b6

SHA1
7253980922a25c5fcea29673b7856b0bb8b26a1b

SHA256
e74a261487aacc44180629ea35f122c20c8f84c68ca41d7c8f5e6c1b0783d69f

SHA512
917f83fde5eb4d3d2003011f89507b44fbcc85d8ff2577ca7ee7b9168f6a1c016c618c8f572dd25f79b405a08ddcd3f0da0a0d28b102a7194e6bc213d17267a3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d3d58a721bfa64d1bfa1e9f28e581e0a

SHA1
d0503985076a396eec89079f99a85384397a4fb9

SHA256
901cbc97559a1087f6cb794075ef89d7dbc27ed38ee05576af64f21c717bf255

SHA512
9ae6ac84064300fd068f2cf48fb28306d50755e6263c303dc255728df5684b1736fcd6d7f9688f12a67975a26f082111b7b465a35ed73e4c545b375b3c14bf55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9693d0c12dfe2cf466416ae5ecffd496

SHA1
2e91f151f8d8ff1b3b0340e45e77f9a39159d88e

SHA256
112d9521a6caa01029ade7b9c6065e57d95f3cfc040fc0650a1e75f1a290901f

SHA512
a761e29af3707b1d142350d8cb8db60a20f2178117a8913e742b283575a54c6fa817bda2656b08fccd080ac42f1f0aeeed23c22c154e9940f84b21a28e728eae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
84fd1a8e6812f985d10133310d7728af

SHA1
ba79c04a934d966bfef27c0898b85c00d0520608

SHA256
02ca15b3065eff8be512971a4ab25c12a0bf6024f20392db1a6a9971d59d1393

SHA512
d31c4cc6084ac348d6da4db0ae5f96963c9ef37d76a1daf3adb1db548a640b30f65a8d2e803242c089833fe5d29be81073a0d82af46382fdc75db03b76c2965a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
97fa2d4d35666f5de866bd3701e6039e

SHA1
393be359f1941ec4f7fd2b9c7cb04a4950fe3b6d

SHA256
95bff3795fcf6463381ceb88650cf709553b45e27c67e9c92c98b2d8f4fcb29e

SHA512
efa5625c4bcce02a348a55ac143b207225852d3ad182e517708b2a925dc430150fffb79e714acd7ff250744f8b7a6b892b391e94a96806978db675f2e08617ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a7a2832c5e2f4228b4304b82ffb0d06

SHA1
6c447e9e985c5b4f757c55ea99f0f50b858a7e9f

SHA256
d32b915a125618933be142adc99fbdc377a6f8c226cc3d81d1bb4a7b9f3ae04d

SHA512
57c5b9613d43b1424b23b1cc0875f235d669a8770ebacfa3c9ef828633d2932c6f9fb155b422d0c2e09d574f47271ee37663c15d9f08ca0519ab5b5c3b10182e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1b86a31164bf1b0ab99da1baaee40ade

SHA1
32fc70d114e1d5192fa39d03da5d9ef183a30500

SHA256
b7c086197c533ee3314a0d9aff9ef232187f3205673a5ec5cd5754260f71546c

SHA512
c75bc44dd23b9d393b49f6fa63318e4c98ba75975dde61e3753899ab1e5aca011732e1cc92d1699890f0d97a1500959ee11be79af8febf27f48a0bb10565358c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
0828a48883de478a677b846b199b1a60

SHA1
c4ac131d00ed81adb0e4d37328ed943a8a980eae

SHA256
dc3546588e8f2cf5bf6144a31626de8a3839b383261cfd5c40fed33ca1846451

SHA512
6ddefc1f719555268dccfa92936b7beaca57fd376c723684e8456b287c430abb7d19af9fe76a494b6257e5c9f9960781a30f3275e01a4df99f3f517ae2a8f2cd

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5c4a07c4578d7067c16138ad86fac128

SHA1
4f63e97733294d3fa8323dfd1513b3b12b2181e8

SHA256
7c19a0c7a83d30c16ae99c8be8bb9fcdad99c03ac174020997cfbb8e253ff3ca

SHA512
4c25a8b635c96bf3c15b2e96ac744484f4730ee751f01d7acf88dd7c488f6873054af7b1a4e41c71c7c844c8824e75f959f49e666d3b755f82560f4be9e94eaf

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4037d54301b094dbd37a95b60fbb4cda

SHA1
836c88a382ea08a6350eaf414da23a3ea9407df1

SHA256
5e38f06d78782f19bee865449e9e7c009a07096968f40ea8eccf276c13f16f28

SHA512
24244bc0059c7e34a071ef89e9e6400f8f63cc4aeaa27472e92dacc2e7dbbef2eb70695b2f3ad8f8d78331bbc1dd599c6865e6884bdc7075f7e0dca478c365a0

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
26b3d7804e6433789b06f3b4f2a52f30

SHA1
2b7070f6a421006e066cb89963da3d046de8f76d

SHA256
d4959c3dc9fc23cf2ae4571afb41bfacd743f301181545f99522e022746d4b11

SHA512
63f12d3da5c7216b618a0c1d22c399fadaa9397e3a06180a23411e40170489ba681f9e2fde9112fc6a3d106ce170e2994da2f18f87a264bcbbc7debc1c1ae431

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
99481a142ecbcf43c8192489340488a6

SHA1
e01a908ff972dce92267b1dab098fb6dc7fca229

SHA256
fb8520edb1c4b6a2a47118e268d6ba94756c33cd2325340250068a8410554094

SHA512
e88eaf2f340269464038bae9e556079159d405741fcb987846d80ffc246681c6e5bd8b37469ffff5e73bd2cbf70ab45eaae5096edeb0994c3682c6e7b024b65b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7a6b95e3eef7a916470a642f02c0379d

SHA1
cc59a357403724897cc576b227513c5a2124695d

SHA256
0ffdee3ba56c34aee4693c26413e78c0f5fd0307a6c97ae0a16fefd69bf03c89

SHA512
a7a38285814132321e6b4ac450742cf0e9ec429cb255871dbb5a4ec761359d1c59ec148eaa3786f2eaf9a07f5a6b2a653de9867cfa978927432313ffbd259c8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
32c5cd134ea0095af898861d2863a87d

SHA1
4d573c08c4f731bddf2623847e9ad85842afdbd3

SHA256
d2f7516f29098820cc609876e3782d4a30deb11a57a6a32427fd59a368a2b02f

SHA512
10c55b4e0719e64daecb06640e07d57ff0e7fde8bdda6a4c9477b658ccf7e8a193d153088befde4fa365b8bdb8faee42878d4e9f7af3079d35c37b2638328259

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4178d3992f96240e12327c0cfe22e6b2

SHA1
59af1ae46bb219e49444354bc8f0ac461f63432e

SHA256
e1ca461baddaba674f69f6be324724992ac7cebf62e9d9a366ec0d8456dec7e0

SHA512
4e0347817411bbd1fab6a9e327cfb8c511318f96ec7a93a06732a5a559cf4f907bc04d4c439356a1682724ea705f241c801231ce0c8327b9b56f7125ba9b4132

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
32673312035dfddec31f47d7e20f836d

SHA1
f2fafc04cb2dd24e68de2b67c064d7cabc26b1a6

SHA256
4585c8a78d3b9f181629330e7aa86a23a5a3fe4429cba98987743048dffdfe3f

SHA512
582f1852ce8a2dba50dd3e6626260287411c527ed8371a69421af42ac94234cc79000e597b594c504d98d513507cb72e9d25992ab775aab818f8aa2d1d2f50ee

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
4d21bb6a1bb2422980abcae09378645f

SHA1
199c2f5fb4078505dd55ccdde1957a59d1929ff1

SHA256
e8c4b03d7df5e4a54a94a74b1fc02fa83a1a4dc45092928a37e518bba661fd55

SHA512
62f7c51b810f97f8fe8d2f5497deb44ae964fa5a43a3092d6d70b7889d9cd7e5281e73fb708cf09b79bfdb4cd9fa48713dbf9243a0cf8d62f7c5f3ceefef7beb

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ddadee4c390d34c33e9183663fe580b8

SHA1
b354d78315508d75c162f83a7481275ec45c65bf

SHA256
a5f2a502581a53875d718ef99c0b974a7f0ba968d70158e33a070e13e6946dd1

SHA512
623ff7adbc41e323502ab1027fd1043636dcbd084cd12272de1a88683c292d83bf6d89c49452a908d7efb9265259556dd48371ca0f6a5f3f30b13d0e00e6b5a4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
56acd09bcc2495c9c35d5c74dd67993f

SHA1
6590105d44bc1f478e37520443c92b906ee67bea

SHA256
1ced3b37342faa5962b1bf12b423d24294b6f33323f04fb8d99693fca646ba72

SHA512
34f73f3c3a0324e8d7fcb9750e45e0d00587a08769e469a96f21f812e9a0a63603f231355860f1d0ae4405fb549833e8800d784b7b2f57eb703f646ef80f3a3c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
68f8835c2f61346fcd253de6aa4b7748

SHA1
5b6d070083f0c449d76cc8a25163dda7a6059272

SHA256
ccf3821319bca75ae31aad69b9d488dd82f43436cd71fdae0bd20749a9f19421

SHA512
a240740565dcfe564d3d8f81c5e22043cae301c20d6bd1a7edef6eed7ff61d417447ebb189d8c6406fa0de4dcbd5e7e38886338cb496e3dce43b5c7a60388b86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NPBB818\cb=gapi[1].js

Filesize
136KB

MD5
5a7616280268d3642196c89bd5a7bf00

SHA1
0350f9555271f57d150da785524e095a7e8eea56

SHA256
276ab13834ac74ad86344346135288624927cf2e8c5cdd589bd4619fcd467c44

SHA512
76381e69a4c24798b68e95dead45543e0f685dceda39ef73d49a65261db91d07c8aca0171b97cdb173c0f21d52aef3d6c6699ab62d511e3796dfbcda4b26bc63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1014REI\plusone[1].js

Filesize
55KB

MD5
1836b4abbd1fd49fd11516be980bce8d

SHA1
3c3049deaf59cd048cc60f68726f0143e77c609c

SHA256
b05f1cae6d34e07d081b924689c3d5bb1f921b9664348b1317587647b47ee18c

SHA512
f0d861ac04ac1888c4f695674e330b46650e48a8dc6d30da9339043b2aaa35c0df53d0e5742c3c2a9be280a2196924edd69e225c95e7ba01d628429413117391

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab17E7.tmp

Filesize
65KB

MD5
ac05d27423a85adc1622c714f2cb6184

SHA1
b0fe2b1abddb97837ea0195be70ab2ff14d43198

SHA256
c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

SHA512
6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar17E9.tmp

Filesize
171KB

MD5
9c0c641c06238516f27941aa1166d427

SHA1
64cd549fb8cf014fcd9312aa7a5b023847b6c977

SHA256
4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

SHA512
936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar18C9.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request