Analysis

  • max time kernel
    145s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/09/2024, 12:04 UTC

General

  • Target

    d645be115c3f4d55390c25e1a882a915_JaffaCakes118.html

  • Size

    159KB

  • MD5

    d645be115c3f4d55390c25e1a882a915

  • SHA1

    85c41c90cbd05a0278e13eabfe2d1fdc9ca79a74

  • SHA256

    c52a46922aaf3e58b81b24512be09894aa6a9fc2fce2f561c2e103a232a1fa20

  • SHA512

    53007d6088d715b7b397b04d8e76b1354423881122f2dbb92dc90c8d51416854637966398920cd15653b94175d714e564127d0aaa75acd9d48399d7bd27d786e

  • SSDEEP

    3072:3HRcVhIVs2LQe2U0Dzvj40MZEPjLpUxAfYxslxNcl8CLcXmNRSxrfeOG9pr1a9a9:Bc7J/jXmNRT1RkR8h

Score
3/10

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d645be115c3f4d55390c25e1a882a915_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4872
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f70346f8,0x7ff9f7034708,0x7ff9f7034718
      2⤵
        PID:4172
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
        2⤵
          PID:4124
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1392
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
          2⤵
            PID:2392
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
            2⤵
              PID:2684
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
              2⤵
                PID:2280
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
                2⤵
                  PID:3280
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
                  2⤵
                    PID:2616
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4092 /prefetch:1
                    2⤵
                      PID:2912
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
                      2⤵
                        PID:5096
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6140 /prefetch:8
                        2⤵
                          PID:4352
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6140 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:4280
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
                          2⤵
                            PID:3544
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5748 /prefetch:1
                            2⤵
                              PID:1420
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
                              2⤵
                                PID:2796
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
                                2⤵
                                  PID:3384
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,11916992159187832541,15450828106811009566,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5700 /prefetch:2
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:6104
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:1432
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:2868

Network

                                  • flag-us
                                    DNS
                                    8.8.8.8.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    8.8.8.8.in-addr.arpa
                                    IN PTR
                                    Response
                                    8.8.8.8.in-addr.arpa
                                    IN PTR
                                    dnsgoogle
                                  • flag-us
                                    DNS
                                    apis.google.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    apis.google.com
                                    IN A
                                    Response
                                    apis.google.com
                                    IN CNAME
                                    plus.l.google.com
                                    plus.l.google.com
                                    IN A
                                    142.250.200.14
                                  • flag-us
                                    DNS
                                    www.blogger.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.blogger.com
                                    IN A
                                    Response
                                    www.blogger.com
                                    IN CNAME
                                    blogger.l.google.com
                                    blogger.l.google.com
                                    IN A
                                    142.250.200.41
                                  • flag-us
                                    DNS
                                    ajax.googleapis.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    ajax.googleapis.com
                                    IN A
                                    Response
                                    ajax.googleapis.com
                                    IN A
                                    142.250.200.42
                                  • flag-gb
                                    GET
                                    http://ajax.googleapis.com/ajax/libs/mootools/1.2.4/mootools-yui-compressed.js
                                    msedge.exe
                                    Remote address:
                                    142.250.200.42:80
                                    Request
                                    GET /ajax/libs/mootools/1.2.4/mootools-yui-compressed.js HTTP/1.1
                                    Host: ajax.googleapis.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Accept-Ranges: bytes
                                    Content-Encoding: gzip
                                    Access-Control-Allow-Origin: *
                                    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
                                    Cross-Origin-Resource-Policy: cross-origin
                                    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
                                    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
                                    Timing-Allow-Origin: *
                                    Content-Length: 21029
                                    X-Content-Type-Options: nosniff
                                    Server: sffe
                                    X-XSS-Protection: 0
                                    Date: Wed, 04 Sep 2024 13:57:28 GMT
                                    Expires: Thu, 04 Sep 2025 13:57:28 GMT
                                    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
                                    Age: 425207
                                    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
                                    Content-Type: text/javascript; charset=UTF-8
                                    Vary: Accept-Encoding
                                  • flag-gb
                                    GET
                                    http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
                                    msedge.exe
                                    Remote address:
                                    142.250.200.42:80
                                    Request
                                    GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
                                    Host: ajax.googleapis.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Accept-Ranges: bytes
                                    Content-Encoding: gzip
                                    Access-Control-Allow-Origin: *
                                    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
                                    Cross-Origin-Resource-Policy: cross-origin
                                    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
                                    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
                                    Timing-Allow-Origin: *
                                    Content-Length: 30082
                                    X-Content-Type-Options: nosniff
                                    Server: sffe
                                    X-XSS-Protection: 0
                                    Date: Fri, 06 Sep 2024 09:34:42 GMT
                                    Expires: Sat, 06 Sep 2025 09:34:42 GMT
                                    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
                                    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
                                    Content-Type: text/javascript; charset=UTF-8
                                    Vary: Accept-Encoding
                                    Age: 268173
                                  • flag-gb
                                    GET
                                    https://www.blogger.com/static/v1/widgets/254310735-widget_css_bundle.css
                                    msedge.exe
                                    Remote address:
                                    142.250.200.41:443
                                    Request
                                    GET /static/v1/widgets/254310735-widget_css_bundle.css HTTP/2.0
                                    host: www.blogger.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: text/css,*/*;q=0.1
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://www.blogger.com/static/v1/widgets/2230271354-widgets.js
                                    msedge.exe
                                    Remote address:
                                    142.250.200.41:443
                                    Request
                                    GET /static/v1/widgets/2230271354-widgets.js HTTP/2.0
                                    host: www.blogger.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7429458911528392134&zx=352d3b35-c030-4ca5-b803-4bef1e444733
                                    msedge.exe
                                    Remote address:
                                    142.250.200.41:443
                                    Request
                                    GET /dyn-css/authorization.css?targetBlogID=7429458911528392134&zx=352d3b35-c030-4ca5-b803-4bef1e444733 HTTP/2.0
                                    host: www.blogger.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: text/css,*/*;q=0.1
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://apis.google.com/js/plusone.js
                                    msedge.exe
                                    Remote address:
                                    142.250.200.14:443
                                    Request
                                    GET /js/plusone.js HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs
                                    msedge.exe
                                    Remote address:
                                    142.250.200.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_1?le=scs
                                    msedge.exe
                                    Remote address:
                                    142.250.200.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_1?le=scs HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    www.google.co.id
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.google.co.id
                                    IN A
                                    Response
                                    www.google.co.id
                                    IN A
                                    172.217.169.35
                                  • flag-gb
                                    GET
                                    http://www.blogger.com/img/icon18_edit_allbkg.gif
                                    msedge.exe
                                    Remote address:
                                    142.250.200.41:80
                                    Request
                                    GET /img/icon18_edit_allbkg.gif HTTP/1.1
                                    Host: www.blogger.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Accept-Ranges: bytes
                                    Cross-Origin-Resource-Policy: cross-origin
                                    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
                                    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
                                    Content-Length: 162
                                    X-Content-Type-Options: nosniff
                                    Server: sffe
                                    X-XSS-Protection: 0
                                    Date: Fri, 06 Sep 2024 20:33:15 GMT
                                    Expires: Fri, 13 Sep 2024 20:33:15 GMT
                                    Cache-Control: public, max-age=604800
                                    Last-Modified: Fri, 06 Sep 2024 18:00:17 GMT
                                    Content-Type: image/gif
                                    Age: 228660
                                  • flag-us
                                    DNS
                                    1.bp.blogspot.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    1.bp.blogspot.com
                                    IN A
                                    Response
                                    1.bp.blogspot.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    142.250.200.33
                                  • flag-us
                                    DNS
                                    1.bp.blogspot.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    1.bp.blogspot.com
                                    IN A
                                  • flag-us
                                    DNS
                                    4.bp.blogspot.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    4.bp.blogspot.com
                                    IN A
                                    Response
                                    4.bp.blogspot.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    142.250.200.33
                                  • flag-us
                                    DNS
                                    resources.blogblog.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    resources.blogblog.com
                                    IN A
                                    Response
                                    resources.blogblog.com
                                    IN CNAME
                                    blogger.l.google.com
                                    blogger.l.google.com
                                    IN A
                                    142.250.200.41
                                  • flag-us
                                    DNS
                                    agenprediksibola.net
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    agenprediksibola.net
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    icons.iconarchive.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    icons.iconarchive.com
                                    IN A
                                    Response
                                    icons.iconarchive.com
                                    IN A
                                    104.21.235.213
                                    icons.iconarchive.com
                                    IN A
                                    104.21.235.214
                                  • flag-us
                                    DNS
                                    3.bp.blogspot.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    3.bp.blogspot.com
                                    IN A
                                    Response
                                    3.bp.blogspot.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    142.250.200.33
                                  • flag-gb
                                    GET
                                    http://www.google.co.id/cse/brand?form=cse-search-box&lang=en
                                    msedge.exe
                                    Remote address:
                                    172.217.169.35:80
                                    Request
                                    GET /cse/brand?form=cse-search-box&lang=en HTTP/1.1
                                    Host: www.google.co.id
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 301 Moved Permanently
                                    Location: https://www.gstatic.com/prose/brandjs.js
                                    Content-Type: text/html; charset=UTF-8
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Expires: Mon, 09 Sep 2024 12:34:15 GMT
                                    Cache-Control: public, max-age=1800
                                    Server: sffe
                                    Content-Length: 237
                                    X-XSS-Protection: 0
                                  • flag-us
                                    DNS
                                    13.86.106.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    13.86.106.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    68.32.126.40.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    68.32.126.40.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    16.43.107.13.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    16.43.107.13.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    42.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    42.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    42.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s30-in-f10.1e100.net
                                  • flag-us
                                    DNS
                                    41.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    41.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    41.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s30-in-f9.1e100.net
                                  • flag-us
                                    DNS
                                    81.144.22.2.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    81.144.22.2.in-addr.arpa
                                    IN PTR
                                    Response
                                    81.144.22.2.in-addr.arpa
                                    IN PTR
                                    a2-22-144-81.deploy.static.akamaitechnologies.com
                                  • flag-gb
                                    GET
                                    http://4.bp.blogspot.com/-Gbb8kYvEiuk/TVV-ayQN_fI/AAAAAAAAMqw/iU7Gwo0oyEk/s1600/contentwrap-bg.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /-Gbb8kYvEiuk/TVV-ayQN_fI/AAAAAAAAMqw/iU7Gwo0oyEk/s1600/contentwrap-bg.png HTTP/1.1
                                    Host: 4.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    Content-Disposition: inline;filename="contentwrap-bg.png"
                                    X-Content-Type-Options: nosniff
                                    Server: fife
                                    Content-Length: 199
                                    X-XSS-Protection: 0
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Expires: Tue, 10 Sep 2024 12:04:15 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    ETag: "v32ac"
                                    Content-Type: image/png
                                    Vary: Origin
                                    Age: 0
                                  • flag-gb
                                    GET
                                    http://4.bp.blogspot.com/-JGfQh1LdPPI/TVV-m3XhJiI/AAAAAAAAMrg/F3QbjYShfRM/s1600/rss.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /-JGfQh1LdPPI/TVV-m3XhJiI/AAAAAAAAMrg/F3QbjYShfRM/s1600/rss.png HTTP/1.1
                                    Host: 4.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Content-Type: image/png
                                    Vary: Origin
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    ETag: "v32b8"
                                    Expires: Tue, 10 Sep 2024 12:04:15 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    Content-Disposition: inline;filename="rss.png"
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Server: fife
                                    Content-Length: 1080
                                    X-XSS-Protection: 0
                                  • flag-gb
                                    GET
                                    http://4.bp.blogspot.com/_8aZXeWtZzQY/TUxa8rOHgJI/AAAAAAAABoo/KPlS9FsnWUc/s000/date.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_8aZXeWtZzQY/TUxa8rOHgJI/AAAAAAAABoo/KPlS9FsnWUc/s000/date.png HTTP/1.1
                                    Host: 4.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Content-Type: image/png
                                    Vary: Origin
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    ETag: "v68a"
                                    Expires: Tue, 10 Sep 2024 12:04:15 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    Content-Disposition: inline;filename="date.png"
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Server: fife
                                    Content-Length: 643
                                    X-XSS-Protection: 0
                                  • flag-gb
                                    GET
                                    http://3.bp.blogspot.com/-UdXruBDNMtQ/TVV-bkrtUWI/AAAAAAAAMrA/CSywoMq8-pk/s1600/nav-bg.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /-UdXruBDNMtQ/TVV-bkrtUWI/AAAAAAAAMrA/CSywoMq8-pk/s1600/nav-bg.png HTTP/1.1
                                    Host: 3.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    Content-Disposition: inline;filename="nav-bg.png"
                                    X-Content-Type-Options: nosniff
                                    Server: fife
                                    Content-Length: 238
                                    X-XSS-Protection: 0
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Expires: Tue, 10 Sep 2024 12:04:15 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    ETag: "v32b0"
                                    Content-Type: image/png
                                    Vary: Origin
                                    Age: 0
                                  • flag-gb
                                    GET
                                    https://resources.blogblog.com/img/icon18_wrench_allbkg.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.41:443
                                    Request
                                    GET /img/icon18_wrench_allbkg.png HTTP/2.0
                                    host: resources.blogblog.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    GET
                                    http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png
                                    msedge.exe
                                    Remote address:
                                    104.21.235.213:80
                                    Request
                                    GET /icons/deleket/folder/24/Mozilla-Thunderbird-icon.png HTTP/1.1
                                    Host: icons.iconarchive.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Content-Type: text/html
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Vary: Accept-Encoding
                                    Cache-Control: max-age=5356800
                                    CF-Cache-Status: EXPIRED
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=foRnLeSA6bDWBMPLPzXo1Z36tBkwN7VxiiPYD2Z%2F%2BwFJ7WGE3MtuGjzzex6Iivz93bD3TNzQd14xbSOTYANO3aimVblWrXOKP0kpa58VvUbZOyqXzgVDL17I77WDZa%2B7kjSoDo%2Bqlek%3D"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 8c070a2bda5abea0-LHR
                                    Content-Encoding: gzip
                                    alt-svc: h3=":443"; ma=86400
                                  • flag-gb
                                    GET
                                    http://3.bp.blogspot.com/_4HKUHirY_2U/TVV-mt1hh_I/AAAAAAAAMrY/exBKat_juV8/s1600/post-line.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_4HKUHirY_2U/TVV-mt1hh_I/AAAAAAAAMrY/exBKat_juV8/s1600/post-line.png HTTP/1.1
                                    Host: 3.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Content-Type: image/png
                                    Vary: Origin
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    ETag: "v32b6"
                                    Expires: Tue, 10 Sep 2024 12:04:15 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    Content-Disposition: inline;filename="post-line.png"
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Server: fife
                                    Content-Length: 343
                                    X-XSS-Protection: 0
                                  • flag-gb
                                    GET
                                    http://3.bp.blogspot.com/_8aZXeWtZzQY/TUxa89eMz0I/AAAAAAAABos/QxyE7Xc_430/s000/user.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_8aZXeWtZzQY/TUxa89eMz0I/AAAAAAAABos/QxyE7Xc_430/s000/user.png HTTP/1.1
                                    Host: 3.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    Content-Disposition: inline;filename="user.png"
                                    X-Content-Type-Options: nosniff
                                    Server: fife
                                    Content-Length: 841
                                    X-XSS-Protection: 0
                                    Date: Mon, 09 Sep 2024 12:04:15 GMT
                                    Expires: Tue, 10 Sep 2024 12:04:15 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    ETag: "v68b"
                                    Content-Type: image/png
                                    Vary: Origin
                                    Age: 1
                                  • flag-gb
                                    GET
                                    http://4.bp.blogspot.com/_4HKUHirY_2U/TVV-y1IljsI/AAAAAAAAMsI/SH5PnhV7Gdw/s1600/wrapper-bg.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_4HKUHirY_2U/TVV-y1IljsI/AAAAAAAAMsI/SH5PnhV7Gdw/s1600/wrapper-bg.png HTTP/1.1
                                    Host: 4.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    Content-Disposition: inline;filename="wrapper-bg.png"
                                    X-Content-Type-Options: nosniff
                                    Server: fife
                                    Content-Length: 248
                                    X-XSS-Protection: 0
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Expires: Tue, 10 Sep 2024 12:04:16 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    ETag: "v32c2"
                                    Content-Type: image/png
                                    Vary: Origin
                                    Age: 0
                                  • flag-gb
                                    GET
                                    http://3.bp.blogspot.com/_4HKUHirY_2U/TVV-mTW-pNI/AAAAAAAAMrQ/5qEgmpCeTGE/s1600/nav-seperator.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_4HKUHirY_2U/TVV-mTW-pNI/AAAAAAAAMrQ/5qEgmpCeTGE/s1600/nav-seperator.png HTTP/1.1
                                    Host: 3.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Content-Type: image/png
                                    Vary: Origin
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    ETag: "v32b4"
                                    Expires: Tue, 10 Sep 2024 12:04:16 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    Content-Disposition: inline;filename="nav-seperator.png"
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Server: fife
                                    Content-Length: 226
                                    X-XSS-Protection: 0
                                  • flag-us
                                    DNS
                                    www.facebook.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.facebook.com
                                    IN A
                                    Response
                                    www.facebook.com
                                    IN CNAME
                                    star-mini.c10r.facebook.com
                                    star-mini.c10r.facebook.com
                                    IN A
                                    157.240.221.35
                                  • flag-us
                                    DNS
                                    www.google.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.google.com
                                    IN A
                                    Response
                                    www.google.com
                                    IN A
                                    142.250.178.4
                                  • flag-gb
                                    GET
                                    http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959[/COLOR]&layout=standard&show_faces=false&width=450&action=like&font=tahoma&colorscheme=light&height=80
                                    msedge.exe
                                    Remote address:
                                    157.240.221.35:80
                                    Request
                                    GET /plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959[/COLOR]&layout=standard&show_faces=false&width=450&action=like&font=tahoma&colorscheme=light&height=80 HTTP/1.1
                                    Host: www.facebook.com
                                    Connection: keep-alive
                                    Upgrade-Insecure-Requests: 1
                                    DNT: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 301 Moved Permanently
                                    Location: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959[/COLOR]&layout=standard&show_faces=false&width=450&action=like&font=tahoma&colorscheme=light&height=80
                                    Content-Type: text/plain
                                    Server: proxygen-bolt
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Connection: keep-alive
                                    Content-Length: 0
                                  • flag-gb
                                    GET
                                    http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
                                    msedge.exe
                                    Remote address:
                                    157.240.221.35:80
                                    Request
                                    GET /plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
                                    Host: www.facebook.com
                                    Connection: keep-alive
                                    Upgrade-Insecure-Requests: 1
                                    DNT: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 301 Moved Permanently
                                    Location: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
                                    Content-Type: text/plain
                                    Server: proxygen-bolt
                                    Date: Mon, 09 Sep 2024 12:04:38 GMT
                                    Connection: keep-alive
                                    Content-Length: 0
                                  • flag-us
                                    DNS
                                    2.bp.blogspot.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    2.bp.blogspot.com
                                    IN A
                                    Response
                                    2.bp.blogspot.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    142.250.200.33
                                  • flag-us
                                    DNS
                                    s10.histats.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    s10.histats.com
                                    IN A
                                    Response
                                    s10.histats.com
                                    IN CNAME
                                    s10.histats.com.cdn.cloudflare.net
                                    s10.histats.com.cdn.cloudflare.net
                                    IN A
                                    172.66.132.118
                                    s10.histats.com.cdn.cloudflare.net
                                    IN A
                                    172.66.132.114
                                  • flag-gb
                                    GET
                                    https://www.google.com/cse/static/images/1x/en/branding.png
                                    msedge.exe
                                    Remote address:
                                    142.250.178.4:443
                                    Request
                                    GET /cse/static/images/1x/en/branding.png HTTP/2.0
                                    host: www.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    http://2.bp.blogspot.com/_4HKUHirY_2U/TVV-yjU0qjI/AAAAAAAAMr4/ktSRdkhv4so/s1600/sidebar-tab.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_4HKUHirY_2U/TVV-yjU0qjI/AAAAAAAAMr4/ktSRdkhv4so/s1600/sidebar-tab.png HTTP/1.1
                                    Host: 2.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    Content-Disposition: inline;filename="sidebar-tab.png"
                                    X-Content-Type-Options: nosniff
                                    Server: fife
                                    Content-Length: 367
                                    X-XSS-Protection: 0
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Expires: Tue, 10 Sep 2024 12:04:16 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    ETag: "v32be"
                                    Content-Type: image/png
                                    Vary: Origin
                                    Age: 0
                                  • flag-us
                                    DNS
                                    35.169.217.172.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    35.169.217.172.in-addr.arpa
                                    IN PTR
                                    Response
                                    35.169.217.172.in-addr.arpa
                                    IN PTR
                                    lhr48s08-in-f3.1e100.net
                                  • flag-us
                                    DNS
                                    95.221.229.192.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    95.221.229.192.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    33.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    33.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    33.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s30-in-f1.1e100.net
                                  • flag-us
                                    DNS
                                    213.235.21.104.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    213.235.21.104.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    227.179.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    227.179.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    227.179.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s31-in-f3.1e100.net
                                  • flag-us
                                    GET
                                    http://s10.histats.com/js15.js
                                    msedge.exe
                                    Remote address:
                                    172.66.132.118:80
                                    Request
                                    GET /js15.js HTTP/1.1
                                    Host: s10.histats.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Content-Type: text/javascript
                                    Content-Length: 4405
                                    Connection: keep-alive
                                    Content-Encoding: gzip
                                    ETag: "980881274"
                                    Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
                                    Vary: Accept-Encoding
                                    Cache-Control: max-age=28800
                                    CF-Cache-Status: HIT
                                    Age: 59898
                                    Accept-Ranges: bytes
                                    Server: cloudflare
                                    CF-RAY: 8c070a31ea5455ea-LHR
                                  • flag-gb
                                    GET
                                    http://1.bp.blogspot.com/_4HKUHirY_2U/TVV-y7BiRSI/AAAAAAAAMsA/ZP05TIq1cks/s1600/twitter.png
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_4HKUHirY_2U/TVV-y7BiRSI/AAAAAAAAMsA/ZP05TIq1cks/s1600/twitter.png HTTP/1.1
                                    Host: 1.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Access-Control-Expose-Headers: Content-Length
                                    Content-Disposition: inline;filename="twitter.png"
                                    X-Content-Type-Options: nosniff
                                    Server: fife
                                    Content-Length: 890
                                    X-XSS-Protection: 0
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Expires: Tue, 10 Sep 2024 12:04:16 GMT
                                    Cache-Control: public, max-age=86400, no-transform
                                    ETag: "v32c0"
                                    Content-Type: image/png
                                    Vary: Origin
                                    Age: 0
                                  • flag-gb
                                    GET
                                    http://1.bp.blogspot.com/_BwuB6VysU4Y/SW8cPGaDMPI/AAAAAAAAANY/Utqulr1uWLY/s320/Mail+to.bmp
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_BwuB6VysU4Y/SW8cPGaDMPI/AAAAAAAAANY/Utqulr1uWLY/s320/Mail+to.bmp HTTP/1.1
                                    Host: 1.bp.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Content-Type: image/png
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:16 GMT
                                    Server: fife
                                    Content-Length: 915
                                    X-XSS-Protection: 0
                                  • flag-us
                                    DNS
                                    accounts.google.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    accounts.google.com
                                    IN A
                                    Response
                                    accounts.google.com
                                    IN A
                                    142.250.102.84
                                  • flag-nl
                                    GET
                                    https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&go=true
                                    msedge.exe
                                    Remote address:
                                    142.250.102.84:443
                                    Request
                                    GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&go=true HTTP/2.0
                                    host: accounts.google.com
                                    upgrade-insecure-requests: 1
                                    dnt: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    sec-ch-ua-mobile: ?0
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    s4.histats.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    s4.histats.com
                                    IN A
                                    Response
                                    s4.histats.com
                                    IN A
                                    54.39.128.162
                                    s4.histats.com
                                    IN A
                                    149.56.240.130
                                    s4.histats.com
                                    IN A
                                    54.39.156.32
                                    s4.histats.com
                                    IN A
                                    149.56.240.128
                                    s4.histats.com
                                    IN A
                                    149.56.240.131
                                    s4.histats.com
                                    IN A
                                    149.56.240.31
                                    s4.histats.com
                                    IN A
                                    54.39.128.117
                                    s4.histats.com
                                    IN A
                                    149.56.240.132
                                    s4.histats.com
                                    IN A
                                    142.4.219.198
                                    s4.histats.com
                                    IN A
                                    158.69.254.144
                                    s4.histats.com
                                    IN A
                                    149.56.240.129
                                    s4.histats.com
                                    IN A
                                    149.56.240.27
                                    s4.histats.com
                                    IN A
                                    149.56.240.127
                                  • flag-ca
                                    GET
                                    https://s4.histats.com/stats/1489404.php?1489404&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m2007%20~%20Ayanojou&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1280&@b1:-108607518&@b3:1725883456&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fd645be115c3f4d55390c25e1a882a915_JaffaCakes118.html&@w
                                    msedge.exe
                                    Remote address:
                                    54.39.128.162:443
                                    Request
                                    GET /stats/1489404.php?1489404&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m2007%20~%20Ayanojou&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1280&@b1:-108607518&@b3:1725883456&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fd645be115c3f4d55390c25e1a882a915_JaffaCakes118.html&@w HTTP/1.1
                                    Host: s4.histats.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    DNT: 1
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Mon, 09 Sep 2024 12:03:59 GMT
                                    Content-Type: text/html;charset=UTF-8
                                    Content-Length: 103
                                    Connection: close
                                  • flag-us
                                    DNS
                                    35.221.240.157.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    35.221.240.157.in-addr.arpa
                                    IN PTR
                                    Response
                                    35.221.240.157.in-addr.arpa
                                    IN PTR
                                    edge-star-mini-shv-01-lhr8.facebook.com
                                  • flag-us
                                    DNS
                                    4.178.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    4.178.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    4.178.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s27-in-f4.1e100.net
                                  • flag-us
                                    DNS
                                    118.132.66.172.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    118.132.66.172.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    84.102.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    84.102.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    84.102.250.142.in-addr.arpa
                                    IN PTR
                                    rb-in-f84.1e100.net
                                  • flag-us
                                    DNS
                                    162.128.39.54.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    162.128.39.54.in-addr.arpa
                                    IN PTR
                                    Response
                                    162.128.39.54.in-addr.arpa
                                    IN PTR
                                    ns562109.ip-54-39-128.net
                                  • flag-us
                                    GET
                                    https://s10.histats.com/counters/cc_604.js
                                    msedge.exe
                                    Remote address:
                                    172.66.132.118:443
                                    Request
                                    GET /counters/cc_604.js HTTP/2.0
                                    host: s10.histats.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                    Response
                                    HTTP/2.0 200
                                    date: Mon, 09 Sep 2024 12:04:31 GMT
                                    content-type: text/javascript
                                    content-length: 4509
                                    content-encoding: gzip
                                    etag: "1135266286"
                                    last-modified: Thu, 16 Apr 2020 10:45:32 GMT
                                    vary: Accept-Encoding
                                    cache-control: max-age=28800
                                    cf-cache-status: HIT
                                    age: 59720
                                    accept-ranges: bytes
                                    server: cloudflare
                                    cf-ray: 8c070a8dde40654d-LHR
                                  • flag-us
                                    DNS
                                    lh3.ggpht.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    lh3.ggpht.com
                                    IN A
                                    Response
                                    lh3.ggpht.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    142.250.200.33
                                  • flag-us
                                    DNS
                                    228.249.119.40.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    228.249.119.40.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-gb
                                    GET
                                    http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg
                                    msedge.exe
                                    Remote address:
                                    142.250.200.33:80
                                    Request
                                    GET /_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg HTTP/1.1
                                    Host: lh3.ggpht.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Access-Control-Allow-Origin: *
                                    Timing-Allow-Origin: *
                                    Content-Type: image/png
                                    X-Content-Type-Options: nosniff
                                    Date: Mon, 09 Sep 2024 12:04:38 GMT
                                    Server: fife
                                    Content-Length: 915
                                    X-XSS-Protection: 0
                                  • flag-us
                                    DNS
                                    ayanojou.blogspot.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    ayanojou.blogspot.com
                                    IN A
                                    Response
                                    ayanojou.blogspot.com
                                    IN CNAME
                                    blogspot.l.googleusercontent.com
                                    blogspot.l.googleusercontent.com
                                    IN A
                                    216.58.213.1
                                  • flag-gb
                                    GET
                                    http://ayanojou.blogspot.com/favicon.ico
                                    msedge.exe
                                    Remote address:
                                    216.58.213.1:80
                                    Request
                                    GET /favicon.ico HTTP/1.1
                                    Host: ayanojou.blogspot.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Content-Type: image/x-icon; charset=UTF-8
                                    Expires: Mon, 09 Sep 2024 12:04:39 GMT
                                    Date: Mon, 09 Sep 2024 12:04:39 GMT
                                    Cache-Control: private, max-age=86400
                                    Last-Modified: Thu, 05 Sep 2024 11:29:35 GMT
                                    ETag: W/"3108a7d0825c544079b5441dbcab39f50d75618031bf8021fc4c450d780b18dc"
                                    Content-Encoding: gzip
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    Content-Length: 412
                                    Server: GSE
                                  • flag-us
                                    DNS
                                    1.213.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    1.213.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    1.213.58.216.in-addr.arpa
                                    IN PTR
                                    ber01s14-in-f11e100net
                                    1.213.58.216.in-addr.arpa
                                    IN PTR
                                    lhr25s25-in-f1
                                  • flag-us
                                    DNS
                                    50.23.12.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    50.23.12.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    198.187.3.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    198.187.3.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    198.187.3.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    198.187.3.20.in-addr.arpa
                                    IN PTR
                                  • flag-us
                                    DNS
                                    198.187.3.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    198.187.3.20.in-addr.arpa
                                    IN PTR
                                  • flag-us
                                    DNS
                                    92.12.20.2.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    92.12.20.2.in-addr.arpa
                                    IN PTR
                                    Response
                                    92.12.20.2.in-addr.arpa
                                    IN PTR
                                    a2-20-12-92deploystaticakamaitechnologiescom
                                  • flag-us
                                    DNS
                                    48.229.111.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    48.229.111.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • 142.250.200.42:80
                                    http://ajax.googleapis.com/ajax/libs/mootools/1.2.4/mootools-yui-compressed.js
                                    http
                                    msedge.exe
                                    1.0kB
                                    22.9kB
                                    15
                                    22

                                    HTTP Request

                                    GET http://ajax.googleapis.com/ajax/libs/mootools/1.2.4/mootools-yui-compressed.js

                                    HTTP Response

                                    200
                                  • 142.250.200.42:80
                                    http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
                                    http
                                    msedge.exe
                                    1.2kB
                                    32.2kB
                                    18
                                    28

                                    HTTP Request

                                    GET http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

                                    HTTP Response

                                    200
                                  • 142.250.200.41:443
                                    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7429458911528392134&zx=352d3b35-c030-4ca5-b803-4bef1e444733
                                    tls, http2
                                    msedge.exe
                                    4.5kB
                                    70.5kB
                                    63
                                    70

                                    HTTP Request

                                    GET https://www.blogger.com/static/v1/widgets/254310735-widget_css_bundle.css

                                    HTTP Request

                                    GET https://www.blogger.com/static/v1/widgets/2230271354-widgets.js

                                    HTTP Request

                                    GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7429458911528392134&zx=352d3b35-c030-4ca5-b803-4bef1e444733
                                  • 142.250.200.14:443
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_1?le=scs
                                    tls, http2
                                    msedge.exe
                                    4.4kB
                                    109.5kB
                                    64
                                    92

                                    HTTP Request

                                    GET https://apis.google.com/js/plusone.js

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_0?le=scs

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en._ShUtMH1OvQ.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AABA/rs=AHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/cb=gapi.loaded_1?le=scs
                                  • 142.250.200.41:80
                                    http://www.blogger.com/img/icon18_edit_allbkg.gif
                                    http
                                    msedge.exe
                                    694 B
                                    1.0kB
                                    7
                                    6

                                    HTTP Request

                                    GET http://www.blogger.com/img/icon18_edit_allbkg.gif

                                    HTTP Response

                                    200
                                  • 172.217.169.35:80
                                    http://www.google.co.id/cse/brand?form=cse-search-box&lang=en
                                    http
                                    msedge.exe
                                    656 B
                                    854 B
                                    7
                                    6

                                    HTTP Request

                                    GET http://www.google.co.id/cse/brand?form=cse-search-box&lang=en

                                    HTTP Response

                                    301
                                  • 142.250.200.33:80
                                    http://4.bp.blogspot.com/-Gbb8kYvEiuk/TVV-ayQN_fI/AAAAAAAAMqw/iU7Gwo0oyEk/s1600/contentwrap-bg.png
                                    http
                                    msedge.exe
                                    743 B
                                    948 B
                                    7
                                    6

                                    HTTP Request

                                    GET http://4.bp.blogspot.com/-Gbb8kYvEiuk/TVV-ayQN_fI/AAAAAAAAMqw/iU7Gwo0oyEk/s1600/contentwrap-bg.png

                                    HTTP Response

                                    200
                                  • 142.250.200.33:80
                                    http://4.bp.blogspot.com/-JGfQh1LdPPI/TVV-m3XhJiI/AAAAAAAAMrg/F3QbjYShfRM/s1600/rss.png
                                    http
                                    msedge.exe
                                    778 B
                                    1.9kB
                                    8
                                    7

                                    HTTP Request

                                    GET http://4.bp.blogspot.com/-JGfQh1LdPPI/TVV-m3XhJiI/AAAAAAAAMrg/F3QbjYShfRM/s1600/rss.png

                                    HTTP Response

                                    200
                                  • 142.250.200.33:80
                                    http://4.bp.blogspot.com/_8aZXeWtZzQY/TUxa8rOHgJI/AAAAAAAABoo/KPlS9FsnWUc/s000/date.png
                                    http
                                    msedge.exe
                                    732 B
                                    1.4kB
                                    7
                                    6

                                    HTTP Request

                                    GET http://4.bp.blogspot.com/_8aZXeWtZzQY/TUxa8rOHgJI/AAAAAAAABoo/KPlS9FsnWUc/s000/date.png

                                    HTTP Response

                                    200
                                  • 142.250.200.33:80
                                    http://3.bp.blogspot.com/-UdXruBDNMtQ/TVV-bkrtUWI/AAAAAAAAMrA/CSywoMq8-pk/s1600/nav-bg.png
                                    http
                                    msedge.exe
                                    735 B
                                    979 B
                                    7
                                    6

                                    HTTP Request

                                    GET http://3.bp.blogspot.com/-UdXruBDNMtQ/TVV-bkrtUWI/AAAAAAAAMrA/CSywoMq8-pk/s1600/nav-bg.png

                                    HTTP Response

                                    200
                                  • 142.250.200.41:443
                                    https://resources.blogblog.com/img/icon18_wrench_allbkg.png
                                    tls, http2
                                    msedge.exe
                                    2.4kB
                                    7.1kB
                                    16
                                    19

                                    HTTP Request

                                    GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png
                                  • 104.21.235.213:80
                                    http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png
                                    http
                                    msedge.exe
                                    1.1kB
                                    1.1kB
                                    6
                                    5

                                    HTTP Request

                                    GET http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png

                                    HTTP Response

                                    404
                                  • 142.250.200.33:80
                                    3.bp.blogspot.com
                                    msedge.exe
                                    288 B
                                    156 B
                                    6
                                    3
                                  • 142.250.200.33:80
                                    3.bp.blogspot.com
                                    msedge.exe
                                    288 B
                                    156 B
                                    6
                                    3
                                  • 142.250.200.33:80
                                    3.bp.blogspot.com
                                    msedge.exe
                                    288 B
                                    156 B
                                    6
                                    3
                                  • 142.250.200.33:80
                                    http://3.bp.blogspot.com/_8aZXeWtZzQY/TUxa89eMz0I/AAAAAAAABos/QxyE7Xc_430/s000/user.png
                                    http
                                    msedge.exe
                                    1.6kB
                                    2.5kB
                                    9
                                    8

                                    HTTP Request

                                    GET http://3.bp.blogspot.com/_4HKUHirY_2U/TVV-mt1hh_I/AAAAAAAAMrY/exBKat_juV8/s1600/post-line.png

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://3.bp.blogspot.com/_8aZXeWtZzQY/TUxa89eMz0I/AAAAAAAABos/QxyE7Xc_430/s000/user.png

                                    HTTP Response

                                    200
                                  • 172.217.169.66:445
                                    pagead2.googlesyndication.com
                                    260 B
                                    5
                                  • 142.250.200.33:80
                                    http://4.bp.blogspot.com/_4HKUHirY_2U/TVV-y1IljsI/AAAAAAAAMsI/SH5PnhV7Gdw/s1600/wrapper-bg.png
                                    http
                                    msedge.exe
                                    739 B
                                    941 B
                                    7
                                    5

                                    HTTP Request

                                    GET http://4.bp.blogspot.com/_4HKUHirY_2U/TVV-y1IljsI/AAAAAAAAMsI/SH5PnhV7Gdw/s1600/wrapper-bg.png

                                    HTTP Response

                                    200
                                  • 142.250.200.33:80
                                    http://3.bp.blogspot.com/_4HKUHirY_2U/TVV-mTW-pNI/AAAAAAAAMrQ/5qEgmpCeTGE/s1600/nav-seperator.png
                                    http
                                    msedge.exe
                                    846 B
                                    2.4kB
                                    9
                                    7

                                    HTTP Request

                                    GET http://3.bp.blogspot.com/_4HKUHirY_2U/TVV-mTW-pNI/AAAAAAAAMrQ/5qEgmpCeTGE/s1600/nav-seperator.png

                                    HTTP Response

                                    200
                                  • 157.240.221.35:80
                                    http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
                                    http
                                    msedge.exe
                                    1.6kB
                                    1.0kB
                                    8
                                    6

                                    HTTP Request

                                    GET http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959[/COLOR]&layout=standard&show_faces=false&width=450&action=like&font=tahoma&colorscheme=light&height=80

                                    HTTP Response

                                    301

                                    HTTP Request

                                    GET http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/pages/Agen-Prediksi-Bola/702558806520959&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

                                    HTTP Response

                                    301
                                  • 142.250.178.4:443
                                    https://www.google.com/cse/static/images/1x/en/branding.png
                                    tls, http2
                                    msedge.exe
                                    2.2kB
                                    11.6kB
                                    23
                                    23

                                    HTTP Request

                                    GET https://www.google.com/cse/static/images/1x/en/branding.png
                                  • 142.250.200.33:80
                                    http://2.bp.blogspot.com/_4HKUHirY_2U/TVV-yjU0qjI/AAAAAAAAMr4/ktSRdkhv4so/s1600/sidebar-tab.png
                                    http
                                    msedge.exe
                                    792 B
                                    2.0kB
                                    8
                                    7

                                    HTTP Request

                                    GET http://2.bp.blogspot.com/_4HKUHirY_2U/TVV-yjU0qjI/AAAAAAAAMr4/ktSRdkhv4so/s1600/sidebar-tab.png

                                    HTTP Response

                                    200
                                  • 172.66.132.118:80
                                    http://s10.histats.com/js15.js
                                    http
                                    msedge.exe
                                    870 B
                                    7.3kB
                                    10
                                    10

                                    HTTP Request

                                    GET http://s10.histats.com/js15.js

                                    HTTP Response

                                    200
                                  • 142.250.200.33:80
                                    http://1.bp.blogspot.com/_4HKUHirY_2U/TVV-y7BiRSI/AAAAAAAAMsA/ZP05TIq1cks/s1600/twitter.png
                                    http
                                    msedge.exe
                                    742 B
                                    3.0kB
                                    7
                                    7

                                    HTTP Request

                                    GET http://1.bp.blogspot.com/_4HKUHirY_2U/TVV-y7BiRSI/AAAAAAAAMsA/ZP05TIq1cks/s1600/twitter.png

                                    HTTP Response

                                    200
                                  • 142.250.200.33:80
                                    http://1.bp.blogspot.com/_BwuB6VysU4Y/SW8cPGaDMPI/AAAAAAAAANY/Utqulr1uWLY/s320/Mail+to.bmp
                                    http
                                    msedge.exe
                                    741 B
                                    2.6kB
                                    7
                                    7

                                    HTTP Request

                                    GET http://1.bp.blogspot.com/_BwuB6VysU4Y/SW8cPGaDMPI/AAAAAAAAANY/Utqulr1uWLY/s320/Mail+to.bmp

                                    HTTP Response

                                    404
                                  • 157.240.221.35:443
                                    www.facebook.com
                                    tls
                                    msedge.exe
                                    2.9kB
                                    9.0kB
                                    20
                                    24
                                  • 142.250.102.84:443
                                    https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&go=true
                                    tls, http2
                                    msedge.exe
                                    2.7kB
                                    7.7kB
                                    18
                                    19

                                    HTTP Request

                                    GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7429458911528392134%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NjY2NjYiByM1NTg4YWEqByNmZmZmZmYyByNjYzY2MDA6ByM2NjY2NjZCByM1NTg4YWFKByM5OTk5OTlSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://ayanojou.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en._ShUtMH1OvQ.O/am%253DAABA/d%253D1/rs%253DAHpOoo9sEd_Wjj_xEtgO8qX69P7hAZI9cg/m%253D__features__%26bpli%3D1&go=true
                                  • 142.250.102.84:443
                                    accounts.google.com
                                    tls, http2
                                    msedge.exe
                                    1.0kB
                                    5.7kB
                                    10
                                    10
                                  • 54.39.128.162:443
                                    https://s4.histats.com/stats/1489404.php?1489404&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m2007%20~%20Ayanojou&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1280&@b1:-108607518&@b3:1725883456&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fd645be115c3f4d55390c25e1a882a915_JaffaCakes118.html&@w
                                    tls, http
                                    msedge.exe
                                    3.7kB
                                    3.9kB
                                    11
                                    9

                                    HTTP Request

                                    GET https://s4.histats.com/stats/1489404.php?1489404&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m2007%20~%20Ayanojou&@n0&@o1000&@q0&@r0&@s604&@ten-US&@u1280&@b1:-108607518&@b3:1725883456&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fd645be115c3f4d55390c25e1a882a915_JaffaCakes118.html&@w

                                    HTTP Response

                                    200
                                  • 172.217.16.226:139
                                    pagead2.googlesyndication.com
                                    260 B
                                    5
                                  • 172.66.132.118:443
                                    https://s10.histats.com/counters/cc_604.js
                                    tls, http2
                                    msedge.exe
                                    1.7kB
                                    8.3kB
                                    15
                                    16

                                    HTTP Request

                                    GET https://s10.histats.com/counters/cc_604.js

                                    HTTP Response

                                    200
                                  • 172.66.132.118:443
                                    s10.histats.com
                                    tls, http2
                                    msedge.exe
                                    988 B
                                    1.0kB
                                    8
                                    6
                                  • 142.250.200.33:80
                                    http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg
                                    http
                                    msedge.exe
                                    684 B
                                    1.4kB
                                    6
                                    5

                                    HTTP Request

                                    GET http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

                                    HTTP Response

                                    404
                                  • 216.58.213.1:80
                                    http://ayanojou.blogspot.com/favicon.ico
                                    http
                                    msedge.exe
                                    639 B
                                    1.1kB
                                    6
                                    6

                                    HTTP Request

                                    GET http://ayanojou.blogspot.com/favicon.ico

                                    HTTP Response

                                    200
                                  • 8.8.8.8:53
                                    8.8.8.8.in-addr.arpa
                                    dns
                                    66 B
                                    90 B
                                    1
                                    1

                                    DNS Request

                                    8.8.8.8.in-addr.arpa

                                  • 8.8.8.8:53
                                    apis.google.com
                                    dns
                                    msedge.exe
                                    61 B
                                    98 B
                                    1
                                    1

                                    DNS Request

                                    apis.google.com

                                    DNS Response

                                    142.250.200.14

                                  • 8.8.8.8:53
                                    www.blogger.com
                                    dns
                                    msedge.exe
                                    61 B
                                    108 B
                                    1
                                    1

                                    DNS Request

                                    www.blogger.com

                                    DNS Response

                                    142.250.200.41

                                  • 8.8.8.8:53
                                    ajax.googleapis.com
                                    dns
                                    msedge.exe
                                    65 B
                                    81 B
                                    1
                                    1

                                    DNS Request

                                    ajax.googleapis.com

                                    DNS Response

                                    142.250.200.42

                                  • 8.8.8.8:53
                                    www.google.co.id
                                    dns
                                    msedge.exe
                                    62 B
                                    78 B
                                    1
                                    1

                                    DNS Request

                                    www.google.co.id

                                    DNS Response

                                    172.217.169.35

                                  • 142.250.200.41:443
                                    www.blogger.com
                                    https
                                    msedge.exe
                                    7.9kB
                                    13.0kB
                                    25
                                    29
                                  • 8.8.8.8:53
                                    1.bp.blogspot.com
                                    dns
                                    msedge.exe
                                    126 B
                                    124 B
                                    2
                                    1

                                    DNS Request

                                    1.bp.blogspot.com

                                    DNS Request

                                    1.bp.blogspot.com

                                    DNS Response

                                    142.250.200.33

                                  • 8.8.8.8:53
                                    4.bp.blogspot.com
                                    dns
                                    msedge.exe
                                    63 B
                                    124 B
                                    1
                                    1

                                    DNS Request

                                    4.bp.blogspot.com

                                    DNS Response

                                    142.250.200.33

                                  • 8.8.8.8:53
                                    resources.blogblog.com
                                    dns
                                    msedge.exe
                                    68 B
                                    115 B
                                    1
                                    1

                                    DNS Request

                                    resources.blogblog.com

                                    DNS Response

                                    142.250.200.41

                                  • 142.250.200.14:443
                                    apis.google.com
                                    https
                                    msedge.exe
                                    7.4kB
                                    157.8kB
                                    63
                                    127
                                  • 8.8.8.8:53
                                    agenprediksibola.net
                                    dns
                                    msedge.exe
                                    66 B
                                    139 B
                                    1
                                    1

                                    DNS Request

                                    agenprediksibola.net

                                  • 8.8.8.8:53
                                    icons.iconarchive.com
                                    dns
                                    msedge.exe
                                    67 B
                                    99 B
                                    1
                                    1

                                    DNS Request

                                    icons.iconarchive.com

                                    DNS Response

                                    104.21.235.213
                                    104.21.235.214

                                  • 8.8.8.8:53
                                    3.bp.blogspot.com
                                    dns
                                    msedge.exe
                                    63 B
                                    124 B
                                    1
                                    1

                                    DNS Request

                                    3.bp.blogspot.com

                                    DNS Response

                                    142.250.200.33

                                  • 8.8.8.8:53
                                    13.86.106.20.in-addr.arpa
                                    dns
                                    71 B
                                    157 B
                                    1
                                    1

                                    DNS Request

                                    13.86.106.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    68.32.126.40.in-addr.arpa
                                    dns
                                    71 B
                                    157 B
                                    1
                                    1

                                    DNS Request

                                    68.32.126.40.in-addr.arpa

                                  • 8.8.8.8:53
                                    16.43.107.13.in-addr.arpa
                                    dns
                                    71 B
                                    157 B
                                    1
                                    1

                                    DNS Request

                                    16.43.107.13.in-addr.arpa

                                  • 8.8.8.8:53
                                    42.200.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    42.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    41.200.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    111 B
                                    1
                                    1

                                    DNS Request

                                    41.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    81.144.22.2.in-addr.arpa
                                    dns
                                    70 B
                                    133 B
                                    1
                                    1

                                    DNS Request

                                    81.144.22.2.in-addr.arpa

                                  • 8.8.8.8:53
                                    www.facebook.com
                                    dns
                                    msedge.exe
                                    62 B
                                    107 B
                                    1
                                    1

                                    DNS Request

                                    www.facebook.com

                                    DNS Response

                                    157.240.221.35

                                  • 8.8.8.8:53
                                    www.google.com
                                    dns
                                    msedge.exe
                                    60 B
                                    76 B
                                    1
                                    1

                                    DNS Request

                                    www.google.com

                                    DNS Response

                                    142.250.178.4

                                  • 8.8.8.8:53
                                    2.bp.blogspot.com
                                    dns
                                    msedge.exe
                                    63 B
                                    124 B
                                    1
                                    1

                                    DNS Request

                                    2.bp.blogspot.com

                                    DNS Response

                                    142.250.200.33

                                  • 8.8.8.8:53
                                    s10.histats.com
                                    dns
                                    msedge.exe
                                    61 B
                                    141 B
                                    1
                                    1

                                    DNS Request

                                    s10.histats.com

                                    DNS Response

                                    172.66.132.118
                                    172.66.132.114

                                  • 8.8.8.8:53
                                    35.169.217.172.in-addr.arpa
                                    dns
                                    73 B
                                    111 B
                                    1
                                    1

                                    DNS Request

                                    35.169.217.172.in-addr.arpa

                                  • 8.8.8.8:53
                                    95.221.229.192.in-addr.arpa
                                    dns
                                    73 B
                                    144 B
                                    1
                                    1

                                    DNS Request

                                    95.221.229.192.in-addr.arpa

                                  • 8.8.8.8:53
                                    33.200.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    111 B
                                    1
                                    1

                                    DNS Request

                                    33.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    213.235.21.104.in-addr.arpa
                                    dns
                                    73 B
                                    135 B
                                    1
                                    1

                                    DNS Request

                                    213.235.21.104.in-addr.arpa

                                  • 8.8.8.8:53
                                    227.179.250.142.in-addr.arpa
                                    dns
                                    74 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    227.179.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    accounts.google.com
                                    dns
                                    msedge.exe
                                    65 B
                                    81 B
                                    1
                                    1

                                    DNS Request

                                    accounts.google.com

                                    DNS Response

                                    142.250.102.84

                                  • 8.8.8.8:53
                                    s4.histats.com
                                    dns
                                    msedge.exe
                                    60 B
                                    268 B
                                    1
                                    1

                                    DNS Request

                                    s4.histats.com

                                  • 8.8.8.8:53
                                    35.221.240.157.in-addr.arpa
                                    dns
                                    73 B
                                    126 B
                                    1
                                    1

                                    DNS Request

                                    35.221.240.157.in-addr.arpa

                                  • 8.8.8.8:53
                                    4.178.250.142.in-addr.arpa
                                    dns
                                    72 B
                                    110 B
                                    1
                                    1

                                    DNS Request

                                    4.178.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    118.132.66.172.in-addr.arpa
                                    dns
                                    73 B
                                    135 B
                                    1
                                    1

                                    DNS Request

                                    118.132.66.172.in-addr.arpa

                                  • 8.8.8.8:53
                                    84.102.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    106 B
                                    1
                                    1

                                    DNS Request

                                    84.102.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    162.128.39.54.in-addr.arpa
                                    dns
                                    72 B
                                    111 B
                                    1
                                    1

                                    DNS Request

                                    162.128.39.54.in-addr.arpa

                                  • 224.0.0.251:5353
                                    msedge.exe
                                    445 B
                                    7
                                  • 8.8.8.8:53
                                    lh3.ggpht.com
                                    dns
                                    msedge.exe
                                    59 B
                                    120 B
                                    1
                                    1

                                    DNS Request

                                    lh3.ggpht.com

                                    DNS Response

                                    142.250.200.33

                                  • 8.8.8.8:53
                                    228.249.119.40.in-addr.arpa
                                    dns
                                    73 B
                                    159 B
                                    1
                                    1

                                    DNS Request

                                    228.249.119.40.in-addr.arpa

                                  • 8.8.8.8:53
                                    ayanojou.blogspot.com
                                    dns
                                    msedge.exe
                                    67 B
                                    126 B
                                    1
                                    1

                                    DNS Request

                                    ayanojou.blogspot.com

                                    DNS Response

                                    216.58.213.1

                                  • 8.8.8.8:53
                                    1.213.58.216.in-addr.arpa
                                    dns
                                    71 B
                                    138 B
                                    1
                                    1

                                    DNS Request

                                    1.213.58.216.in-addr.arpa

                                  • 8.8.8.8:53
                                    50.23.12.20.in-addr.arpa
                                    dns
                                    70 B
                                    156 B
                                    1
                                    1

                                    DNS Request

                                    50.23.12.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    198.187.3.20.in-addr.arpa
                                    dns
                                    213 B
                                    157 B
                                    3
                                    1

                                    DNS Request

                                    198.187.3.20.in-addr.arpa

                                    DNS Request

                                    198.187.3.20.in-addr.arpa

                                    DNS Request

                                    198.187.3.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    92.12.20.2.in-addr.arpa
                                    dns
                                    69 B
                                    131 B
                                    1
                                    1

                                    DNS Request

                                    92.12.20.2.in-addr.arpa

                                  • 8.8.8.8:53
                                    48.229.111.52.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    48.229.111.52.in-addr.arpa

                                  MITRE ATT&CK Enterprise v15

                                  Downloads

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                    Filesize

                                    152B

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                    Filesize

                                    23KB

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                    Filesize

                                    45KB

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    144B

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                    Filesize

                                    1KB

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    5KB

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    7KB

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                    Filesize

                                    7KB

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                    Filesize

                                    16B

                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                    Filesize

                                    10KB
