b98420e64dcaddff50c6b6a743bfe5a2ffc6cb7c23be486759ae900eafb91cc4

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
05/12/2024, 06:50 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c66d4e415174b45316e52eb83e11060e_JaffaCakes118.html
Size

122KB
MD5

c66d4e415174b45316e52eb83e11060e
SHA1

165c6b5cc9e707031f5dab0c46287238d224ff6c
SHA256

b98420e64dcaddff50c6b6a743bfe5a2ffc6cb7c23be486759ae900eafb91cc4
SHA512

eee40afaca14bb0aa8c6ee5eaec3d91fa8031224e0d25ed8f8e448aae6b10a84acc1577fc81ff4e7e7f55489fc098af293888564455a36e3a76358d3e7ec5c56
SSDEEP

3072:wjo8Njz2S81Ep2svbEfd21D6VleByTPBXJ27/P7UHeaA2eD1nh:v8RH1AkLN

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
1632	msedge.exe
1632	msedge.exe
556	msedge.exe
556	msedge.exe
2660	identity_helper.exe
2660	identity_helper.exe
4276	msedge.exe
4276	msedge.exe
4276	msedge.exe
4276	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 20 IoCs

pid	Process
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe
556	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 556 wrote to memory of 3840	556	msedge.exe	82
PID 556 wrote to memory of 3840	556	msedge.exe	82
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 2264	556	msedge.exe	83
PID 556 wrote to memory of 1632	556	msedge.exe	84
PID 556 wrote to memory of 1632	556	msedge.exe	84
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85
PID 556 wrote to memory of 4292	556	msedge.exe	85

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\c66d4e415174b45316e52eb83e11060e_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffbbcb46f8,0x7fffbbcb4708,0x7fffbbcb4718
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:2264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2616 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:3624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
  2⤵
  PID:216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4848 /prefetch:8
  2⤵
  PID:2568
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6896 /prefetch:8
  2⤵
  PID:3060
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6896 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6572 /prefetch:1
  2⤵
  PID:4136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:3304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
  2⤵
  PID:228
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
  2⤵
  PID:384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5056 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
  2⤵
  PID:2300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:1868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:1816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:1340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
  2⤵
  PID:2952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
  2⤵
  PID:1952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,15637319702403509955,11889515947478501818,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1896 /prefetch:1
  2⤵
  PID:3260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2412

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x320 0x3f0
1⤵
PID:628

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5036

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

71.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.159.190.20.in-addr.arpa

IN PTR

Response
DNS

layanan.oposisi.net

msedge.exe

Remote address:

8.8.8.8:53

Request

layanan.oposisi.net

IN A

Response
DNS

www.blogger.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.179.233
DNS

yourjavascript.com

msedge.exe

Remote address:

8.8.8.8:53

Request

yourjavascript.com

IN A

Response

yourjavascript.com

IN A

76.223.54.146

yourjavascript.com

IN A

13.248.169.48
DNS

ajax.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.179.234
DNS

apis.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.178.14
DNS

dinhquanghuy.110mb.com

msedge.exe

Remote address:

8.8.8.8:53

Request

dinhquanghuy.110mb.com

IN A

Response
GET

http://yourjavascript.com/31244224371/fb.js

msedge.exe

Remote address:

76.223.54.146:80

Request

GET /31244224371/fb.js HTTP/1.1
Host: yourjavascript.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Thu, 05 Dec 2024 06:50:43 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

msedge.exe

Remote address:

142.250.179.234:443

Request

GET /ajax/libs/jquery/1.6.1/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js

msedge.exe

Remote address:

142.250.179.234:443

Request

GET /ajax/libs/jquery/1.5.0/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.blogger.com/static/v1/widgets/2727757643-css_bundle_v2.css

msedge.exe

Remote address:

142.250.179.233:443

Request

GET /static/v1/widgets/2727757643-css_bundle_v2.css HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.blogger.com/static/v1/widgets/2518973450-widgets.js

msedge.exe

Remote address:

142.250.179.233:443

Request

GET /static/v1/widgets/2518973450-widgets.js HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://apis.google.com/js/plusone.js

msedge.exe

Remote address:

142.250.178.14:443

Request

GET /js/plusone.js HTTP/2.0
host: apis.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://yourjavascript.com/290582211131/auto-like-10-seconds.js

msedge.exe

Remote address:

76.223.54.146:80

Request

GET /290582211131/auto-like-10-seconds.js HTTP/1.1
Host: yourjavascript.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
GET

http://yourjavascript.com/03931371151/gfafb.js

msedge.exe

Remote address:

76.223.54.146:80

Request

GET /03931371151/gfafb.js HTTP/1.1
Host: yourjavascript.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: openresty
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 114
Connection: keep-alive
DNS

adsensecamp.com

msedge.exe

Remote address:

8.8.8.8:53

Request

adsensecamp.com

IN A

Response

adsensecamp.com

IN A

103.30.145.12
DNS

www.linkwithin.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.linkwithin.com

IN A

Response

www.linkwithin.com

IN CNAME

linkwithin.com

linkwithin.com

IN A

118.139.179.30
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
DNS

imemovaz.googlecode.com

msedge.exe

Remote address:

8.8.8.8:53

Request

imemovaz.googlecode.com

IN A

Response

imemovaz.googlecode.com

IN CNAME

googlecode.l.googleusercontent.com

googlecode.l.googleusercontent.com

IN A

108.177.15.82
DNS

feedjit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

feedjit.com

IN A

Response
DNS

andreykusanagi.googlecode.com

msedge.exe

Remote address:

8.8.8.8:53

Request

andreykusanagi.googlecode.com

IN A

Response

andreykusanagi.googlecode.com

IN CNAME

googlecode.l.googleusercontent.com

googlecode.l.googleusercontent.com

IN A

108.177.15.82
DNS

2.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

2.bp.blogspot.com

IN A

Response

2.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

172.217.16.225
DNS

www.lintas.me

msedge.exe

Remote address:

8.8.8.8:53

Request

www.lintas.me

IN A

Response

www.lintas.me

IN A

104.21.59.55

www.lintas.me

IN A

172.67.215.31
DNS

s2.sigmirror.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s2.sigmirror.com

IN A

Response
DNS

mybloggertricks.googlecode.com

msedge.exe

Remote address:

8.8.8.8:53

Request

mybloggertricks.googlecode.com

IN A

Response

mybloggertricks.googlecode.com

IN CNAME

googlecode.l.googleusercontent.com

googlecode.l.googleusercontent.com

IN A

108.177.15.82
GET

http://www.linkwithin.com/widget.js

msedge.exe

Remote address:

118.139.179.30:80

Request

GET /widget.js HTTP/1.1
Host: www.linkwithin.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Thu, 05 Dec 2024 06:50:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://www.google.com/jsapi

msedge.exe

Remote address:

142.250.187.196:80

Request

GET /jsapi HTTP/1.1
Host: www.google.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Location: https://www.gstatic.com/charts/loader.js
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:39:07 GMT
Expires: Thu, 05 Dec 2024 07:09:07 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 697
GET

http://imemovaz.googlecode.com/files/tripleflap.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/tripleflap.js HTTP/1.1
Host: imemovaz.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1580
Date: Thu, 05 Dec 2024 06:50:44 GMT
GET

http://2.bp.blogspot.com/-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="headerblog-gfaweb.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 91801
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v143"
Content-Type: image/jpeg
Vary: Origin
Age: 0
GET

http://2.bp.blogspot.com/-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2989
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v6d3"
Content-Type: image/jpeg
Vary: Origin
Age: 1
DNS

vicahya.googlecode.com

msedge.exe

Remote address:

8.8.8.8:53

Request

vicahya.googlecode.com

IN A

Response

vicahya.googlecode.com

IN CNAME

googlecode.l.googleusercontent.com

googlecode.l.googleusercontent.com

IN A

108.177.15.82
GET

http://andreykusanagi.googlecode.com/files/pop-up.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/pop-up.js HTTP/1.1
Host: andreykusanagi.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1576
Date: Thu, 05 Dec 2024 06:50:44 GMT
GET

http://www.lintas.me/assets/scripts/widget_v2.js

msedge.exe

Remote address:

104.21.59.55:80

Request

GET /assets/scripts/widget_v2.js HTTP/1.1
Host: www.lintas.me
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 05 Dec 2024 07:50:44 GMT
Location: https://t.ly/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mHtCLylne4n9Xnf8h8YugfOIxGUCNN1q8iEUYnJvIqEpxNqBmyqoShkIB76p6BOWqzsNKTKKLL5yEqTVrons7ui9q%2Bu%2BmmJFJzhJp1XQrKtx4PEriQFx3JmTcxsUhca"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8ed21a8b79b8499a-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=46894&min_rtt=46894&rtt_var=23447&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=321&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
GET

http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/jquery.colorbox-min.js HTTP/1.1
Host: mybloggertricks.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1589
Date: Thu, 05 Dec 2024 06:50:44 GMT
DNS

js-kit.com

msedge.exe

Remote address:

8.8.8.8:53

Request

js-kit.com

IN A

Response

js-kit.com

IN A

52.222.169.79

js-kit.com

IN A

52.222.169.66

js-kit.com

IN A

52.222.169.52

js-kit.com

IN A

52.222.169.3
DNS

181.129.81.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.129.81.91.in-addr.arpa

IN PTR

Response
DNS

234.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.179.250.142.in-addr.arpa

IN PTR

Response

234.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f101e100net
DNS

233.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.179.250.142.in-addr.arpa

IN PTR

Response

233.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f91e100net
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

146.54.223.76.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.54.223.76.in-addr.arpa

IN PTR

Response

146.54.223.76.in-addr.arpa

IN PTR

a904c694c05102f30awsglobalacceleratorcom
DNS

196.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.187.250.142.in-addr.arpa

IN PTR

Response

196.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f41e100net
GET

http://vicahya.googlecode.com/files/like.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/like.js HTTP/1.1
Host: vicahya.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1574
Date: Thu, 05 Dec 2024 06:50:44 GMT
GET

http://js-kit.com/ratings.js

msedge.exe

Remote address:

52.222.169.79:80

Request

GET /ratings.js HTTP/1.1
Host: js-kit.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: CloudFront
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://js-kit.com/ratings.js
X-Cache: Redirect from cloudfront
Via: 1.1 05ad9acef0768042c9e1e6aa1757dea6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG52-P2
X-Amz-Cf-Id: 70FUWGNRSm9A36UEFakWxUZq7MdhBRSf0osGX-qh0PkhM_0c7MXMjA==
DNS

t.ly

msedge.exe

Remote address:

8.8.8.8:53

Request

t.ly

IN A

Response

t.ly

IN A

104.20.6.133

t.ly

IN A

104.20.7.133
DNS

t.ly

msedge.exe

Remote address:

8.8.8.8:53

Request

t.ly

IN A
GET

http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

msedge.exe

Remote address:

103.30.145.12:80

Request

GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
Host: adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
GET

http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

msedge.exe

Remote address:

103.30.145.12:80

Request

GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF HTTP/1.1
Host: adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF
GET

http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

msedge.exe

Remote address:

103.30.145.12:80

Request

GET /show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
Host: adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
GET

http://www.linkwithin.com/pixel.png

msedge.exe

Remote address:

118.139.179.30:80

Request

GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Thu, 05 Dec 2024 06:50:44 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
DNS

resources.blogblog.com

msedge.exe

Remote address:

8.8.8.8:53

Request

resources.blogblog.com

IN A

Response

resources.blogblog.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.179.233
GET

https://js-kit.com/ratings.js

msedge.exe

Remote address:

52.222.169.79:443

Request

GET /ratings.js HTTP/2.0
host: js-kit.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Wed, 06 Apr 2022 16:13:41 GMT
content-encoding: br
x-amz-version-id: jpJVPLM2scc98VIza3fS53kMUkOeXCse
server: AmazonS3
date: Wed, 04 Dec 2024 12:22:02 GMT
etag: W/"6d2357aca7001634869225852af9f026"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 da68614307a40db3dcbe53959fc92288.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
x-amz-cf-id: YqHSt4qfk08Vg6gmdx7zZWMbaL8da5GzIf7JLVqk8IgGB0xhIN3P5Q==
age: 66524
GET

http://2.bp.blogspot.com/-OH9BCX7OMPs/UO9qNaD-cdI/AAAAAAAABM4/8oC_1l1WnTQ/s200/edmmusic1.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-OH9BCX7OMPs/UO9qNaD-cdI/AAAAAAAABM4/8oC_1l1WnTQ/s200/edmmusic1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="edmmusic1.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 11286
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4ce"
Content-Type: image/jpeg
Vary: Origin
Age: 0
GET

http://2.bp.blogspot.com/-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg HTTP/1.1
Host: 2.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="setting-input-output-nuendo-cubase_.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2615
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8de"
Content-Type: image/jpeg
Vary: Origin
Age: 1
DNS

feeds.feedburner.com

msedge.exe

Remote address:

8.8.8.8:53

Request

feeds.feedburner.com

IN A

Response

feeds.feedburner.com

IN CNAME

www4.l.google.com

www4.l.google.com

IN A

216.58.212.206
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

msedge.exe

Remote address:

142.250.179.233:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/2.0
host: resources.blogblog.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://feeds.feedburner.com/DcmGaleri.2.gif

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /DcmGaleri.2.gif HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Sun, 1 Dec 2024 01:18:45 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Security-Policy: script-src 'report-sample' 'nonce-l0Li-3bb9Ck9D6EKKflGqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Resource-Policy: same-site
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/RaichuFeedServer/web-reports?context=eJzjEtDikmLw0pBicEqfwRoCxEI8HEdmHd3FJtDx5sgaZiXLpPzC-MTSlMx83YLSpJzM4ozUomJdoKBuUWJmckapblpqakpxalFZalG8kYGRiaGRgbGegUV8gQEAM74eAQ"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=yIl2AUoC8zA

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?d=yIl2AUoC8zA HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:50:44 GMT
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Security-Policy: script-src 'report-sample' 'nonce-D5_CS4eieZekSmHElJi-WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:50:44 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: script-src 'report-sample' 'nonce-tMoRQ3-a5bKOy0LsgA2B5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:50:44 GMT
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Security-Policy: script-src 'report-sample' 'nonce-6QlSEWeOnTf6jHbiKbYUCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=qj6IDK7rITs

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?d=qj6IDK7rITs HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:50:44 GMT
Content-Security-Policy: script-src 'report-sample' 'nonce-9-33S9_MXdyc1JTDjWXSHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: same-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~r/BelajarMenjadiDj/~4/7drerI2nHxU

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~r/BelajarMenjadiDj/~4/7drerI2nHxU HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:50:44 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Content-Security-Policy: script-src 'report-sample' 'nonce-xrKIHpKJnQunrX73DI0SdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
DNS

lh5.googleusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lh5.googleusercontent.com

IN A

Response

lh5.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
GET

https://lh5.googleusercontent.com/proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu HTTP/2.0
host: lh5.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh5.googleusercontent.com/proxy/T5nDK30cBcCaH06HgEPaN4APRcnXMHqjX-WMexxv5oGAiw6Z1FYDBT_VKCLuXP3cVECiyF7Hjkg4u2uVs1bgrDHmt9OIlGs=w72-h72-p-k-no-nu

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /proxy/T5nDK30cBcCaH06HgEPaN4APRcnXMHqjX-WMexxv5oGAiw6Z1FYDBT_VKCLuXP3cVECiyF7Hjkg4u2uVs1bgrDHmt9OIlGs=w72-h72-p-k-no-nu HTTP/2.0
host: lh5.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh4.googleusercontent.com/proxy/9xkkQQjNY5WKSzxRwb-yteCFeLCeY5cssIN6iiSSEwH_nrP7Lo2jQvNiMJdDFVilfsqu3x_lyzLiQx0hcf4mBP28-VYCmLGdaxG-B0DZU21BHQ=w72-h72-p-k-no-nu

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /proxy/9xkkQQjNY5WKSzxRwb-yteCFeLCeY5cssIN6iiSSEwH_nrP7Lo2jQvNiMJdDFVilfsqu3x_lyzLiQx0hcf4mBP28-VYCmLGdaxG-B0DZU21BHQ=w72-h72-p-k-no-nu HTTP/2.0
host: lh4.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh6.googleusercontent.com/-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg HTTP/2.0
host: lh6.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

4.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

4.bp.blogspot.com

IN A

Response

4.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

172.217.16.225
DNS

lh3.googleusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lh3.googleusercontent.com

IN A

Response

lh3.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
GET

https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

msedge.exe

Remote address:

103.30.145.12:443

Request

GET /show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
Host: adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=fkr6th62i4ve4u1hdcgde1nlo1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
GET

https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

msedge.exe

Remote address:

103.30.145.12:443

Request

GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF HTTP/1.1
Host: adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=6drpjjrm9bma0amoeone2vtrn4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
GET

http://4.bp.blogspot.com/-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg HTTP/1.1
Host: 4.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kjaerhus-effects-660-80.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4395
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1121"
Content-Type: image/jpeg
Vary: Origin
Age: 1
GET

http://4.bp.blogspot.com/_l0xe23ajLo8/TF8GVOyGyHI/AAAAAAAAAD8/IHD-uyZxZSg/w72-h72-p-k-no-nu/Untitled-1.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /_l0xe23ajLo8/TF8GVOyGyHI/AAAAAAAAAD8/IHD-uyZxZSg/w72-h72-p-k-no-nu/Untitled-1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Untitled-1.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1755
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19b"
Content-Type: image/jpeg
Vary: Origin
Age: 1
GET

http://4.bp.blogspot.com/-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg HTTP/1.1
Host: 4.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="simulanalog-guitar-suite.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3769
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:44 GMT
Expires: Fri, 06 Dec 2024 06:50:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8e1"
Content-Type: image/jpeg
Vary: Origin
Age: 1
GET

https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

msedge.exe

Remote address:

103.30.145.12:443

Request

GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
Host: adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=8qj451hhuo7l7nhnprl9igm301; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
GET

https://lh3.googleusercontent.com/proxy/MI1vj8biHQqzeFfFdXAQTtDF550fkmgqptDp9gnCfTit2g_n3Sm1cf9m_UzxIh-ada0zaCIwV52AN9GQrgzOipJG9Xc=w72-h72-n-k-no-nu

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /proxy/MI1vj8biHQqzeFfFdXAQTtDF550fkmgqptDp9gnCfTit2g_n3Sm1cf9m_UzxIh-ada0zaCIwV52AN9GQrgzOipJG9Xc=w72-h72-n-k-no-nu HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vnUP1ZxpakSTQUphCAS95o9gIaPuxUaf_5MUSr96aIjvfv1-oah9pyTi1hsdiTXPjvRP98yKR2wT06ZrPmSl3DBT7mN41lDaQaQ0RFSKqeN6dG8OGC29Yt0QP-yoCoYPz3tg=s0-d

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /blogger_img_proxy/AEn0k_vnUP1ZxpakSTQUphCAS95o9gIaPuxUaf_5MUSr96aIjvfv1-oah9pyTi1hsdiTXPjvRP98yKR2wT06ZrPmSl3DBT7mN41lDaQaQ0RFSKqeN6dG8OGC29Yt0QP-yoCoYPz3tg=s0-d HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ukDjIRa6dOJb17TWM4bSJbH1o7oXYCAXg-ofD2i4anPgqoznQ_t4z-dEbucapC-MzAMqBpCzmn2osR6dyHQkwJzfgOcg1kBcwk=s0-d

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /blogger_img_proxy/AEn0k_ukDjIRa6dOJb17TWM4bSJbH1o7oXYCAXg-ofD2i4anPgqoznQ_t4z-dEbucapC-MzAMqBpCzmn2osR6dyHQkwJzfgOcg1kBcwk=s0-d HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tG_IrxviEZ4K0tmNMaEd-7UZhlXP4FuVvJRwfsWY3oS0KGtwuiDETSMtthx8EeTPJ8TDaVllwXmHfe2w41kQrti4MnIP7mJr4=s0-d

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /blogger_img_proxy/AEn0k_tG_IrxviEZ4K0tmNMaEd-7UZhlXP4FuVvJRwfsWY3oS0KGtwuiDETSMtthx8EeTPJ8TDaVllwXmHfe2w41kQrti4MnIP7mJr4=s0-d HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tbm9Ya4BHVnqBWNjJy7P9kQVWgStlPEmNoG48pteJ5FCAh2ErSLjtxfEhq0gz3j_6E732rRtOv1zrziFMcZgpuY2u_ucqlFUEwB6O6hRbOJVNaarYj8jlnOlP88XZVvSk=s0-d

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /blogger_img_proxy/AEn0k_tbm9Ya4BHVnqBWNjJy7P9kQVWgStlPEmNoG48pteJ5FCAh2ErSLjtxfEhq0gz3j_6E732rRtOv1zrziFMcZgpuY2u_ucqlFUEwB6O6hRbOJVNaarYj8jlnOlP88XZVvSk=s0-d HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vNkZqZhsrm6DSCh_g-K38Ai5aot4dyVQecYTuQa13l-k0qm6m2lKYYXKdN5FFmUiPoFoXtP4ndnqLcPqBGzeb022bDVz4v5uTIWyhvwmOeBBGfNlKHwccxB3Y2pNyopaw2RVRI=s0-d

msedge.exe

Remote address:

142.250.200.33:443

Request

GET /blogger_img_proxy/AEn0k_vNkZqZhsrm6DSCh_g-K38Ai5aot4dyVQecYTuQa13l-k0qm6m2lKYYXKdN5FFmUiPoFoXtP4ndnqLcPqBGzeb022bDVz4v5uTIWyhvwmOeBBGfNlKHwccxB3Y2pNyopaw2RVRI=s0-d HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

lh4.googleusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lh4.googleusercontent.com

IN A

Response

lh4.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
DNS

c.gigcount.com

msedge.exe

Remote address:

8.8.8.8:53

Request

c.gigcount.com

IN A

Response
DNS

www.reverbnation.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.reverbnation.com

IN A

Response

www.reverbnation.com

IN A

54.167.69.150

www.reverbnation.com

IN A

52.21.227.64
DNS

ib.adnxs.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs.com

IN A

Response

ib.adnxs.com

IN CNAME

xandr-g-geo.trafficmanager.net

xandr-g-geo.trafficmanager.net

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

185.89.210.46

ib.anycast.adnxs.com

IN A

185.89.211.84

ib.anycast.adnxs.com

IN A

185.89.210.90

ib.anycast.adnxs.com

IN A

185.89.210.141

ib.anycast.adnxs.com

IN A

185.89.210.180

ib.anycast.adnxs.com

IN A

185.89.210.244

ib.anycast.adnxs.com

IN A

185.89.210.82

ib.anycast.adnxs.com

IN A

185.89.210.20

ib.anycast.adnxs.com

IN A

185.89.210.153

ib.anycast.adnxs.com

IN A

185.89.210.212

ib.anycast.adnxs.com

IN A

185.89.211.116

ib.anycast.adnxs.com

IN A

185.89.210.122
DNS

icons.iconarchive.com

msedge.exe

Remote address:

8.8.8.8:53

Request

icons.iconarchive.com

IN A

Response

icons.iconarchive.com

IN A

104.21.235.213

icons.iconarchive.com

IN A

104.21.235.214
GET

http://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

msedge.exe

Remote address:

54.167.69.150:80

Request

GET /widgets/trk/40/artist_560616//t.gif HTTP/1.1
Host: www.reverbnation.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 05 Dec 2024 06:50:45 GMT
Content-Length: 0
Connection: keep-alive
location: https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif
GET

http://ib.adnxs.com/seg?add=405193&t=2

msedge.exe

Remote address:

185.89.210.46:80

Request

GET /seg?add=405193&t=2 HTTP/1.1
Host: ib.adnxs.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 307 Redirection

Server: nginx/1.23.4
Date: Thu, 05 Dec 2024 06:50:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D405193%26t%3D2
AN-X-Request-Uuid: f36904ac-8820-4684-9e50-8ac16600f5a4
X-Proxy-Origin: 181.215.176.83; 181.215.176.83; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png

msedge.exe

Remote address:

104.21.235.213:80

Request

GET /icons/deleket/folder/24/Mozilla-Thunderbird-icon.png HTTP/1.1
Host: icons.iconarchive.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Thu, 05 Dec 2024 06:50:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=5356800
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ept%2FDSGJh0kzluCVA0lovJlm8ZWhhysUdhda%2B0MjwO0HeXxz5qOd7vkGxZkAJwYFHnmaeslBXEkuBOiEEFpdoc1ymiQHbwhhErEQGofN6LHEJIEL%2Fx%2Bj8JgajuZYUSUxays3sDP4%2FIk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8ed21a916d986559-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=47429&min_rtt=47429&rtt_var=23714&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=404&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
DNS

banner.adsensecamp.com

msedge.exe

Remote address:

8.8.8.8:53

Request

banner.adsensecamp.com

IN A

Response

banner.adsensecamp.com

IN CNAME

adsensecamp.com

adsensecamp.com

IN A

103.30.145.12
DNS

static.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.doubleclick.net

IN A

Response

static.doubleclick.net

IN A

142.250.187.230
DNS

www.alertpay.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.alertpay.com

IN A

Response

www.alertpay.com

IN A

52.223.39.56
DNS

82.15.177.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

82.15.177.108.in-addr.arpa

IN PTR

Response

82.15.177.108.in-addr.arpa

IN PTR

wr-in-f821e100net
DNS

225.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.16.217.172.in-addr.arpa

IN PTR

Response

225.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f11e100net

225.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f1�H
DNS

55.59.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.59.21.104.in-addr.arpa

IN PTR

Response
DNS

79.169.222.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.169.222.52.in-addr.arpa

IN PTR

Response

79.169.222.52.in-addr.arpa

IN PTR

server-52-222-169-79cdg52r cloudfrontnet
DNS

227.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.187.250.142.in-addr.arpa

IN PTR

Response

227.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f31e100net
DNS

30.179.139.118.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.179.139.118.in-addr.arpa

IN PTR

Response

30.179.139.118.in-addr.arpa

IN PTR

sg2nlhdb5004-13-09shrprodsin2secureservernet
DNS

206.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.212.58.216.in-addr.arpa

IN PTR

Response

206.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f141e100net

206.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f14�I

206.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f206�I
DNS

12.145.30.103.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.145.30.103.in-addr.arpa

IN PTR

Response

12.145.30.103.in-addr.arpa

IN PTR

ipv4-103-30-145-12idwebhost
DNS

65.140.162.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

65.140.162.3.in-addr.arpa

IN PTR

Response

65.140.162.3.in-addr.arpa

IN PTR

server-3-162-140-65dub56r cloudfrontnet
DNS

33.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.200.250.142.in-addr.arpa

IN PTR

Response

33.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f11e100net
GET

https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D405193%26t%3D2

msedge.exe

Remote address:

185.89.210.46:443

Request

GET /sbounce?%2Fseg%3Fadd%3D405193%26t%3D2 HTTP/2.0
host: ib.adnxs.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

server: nginx/1.23.4
date: Thu, 05 Dec 2024 06:50:45 GMT
content-type: text/html; charset=utf-8
content-length: 0
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
location: https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2
an-x-request-uuid: 08d08977-a1f4-45f1-b6c2-f176bb91eee8
set-cookie: XANDR_PANID=NGl_oarlp9zE13wCJ__zQorK_316oEmTiX0uUdNaOlTiCbUoabTs_2daDHWJef707eq9vCdWmp_XndAlDY4B39UvMr5U9575XtahcrI-wBc.; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 05-Mar-2025 06:50:45 GMT; Domain=.adnxs.com; Secure; Partitioned
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 23-Nov-2034 06:50:45 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
set-cookie: uuid2=4177566523339808452; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 05-Mar-2025 06:50:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 181.215.176.83; 181.215.176.83; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2

msedge.exe

Remote address:

185.89.210.46:443

Request

GET /bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2 HTTP/2.0
host: ib.adnxs.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx/1.23.4
date: Thu, 05 Dec 2024 06:50:45 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: *
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 99ab206d-f8b4-4fdc-8405-3a4a6276cfba
set-cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hb<`LkC*!1yIE'Yg-$0y=/d!!':<$]j]r; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 05-Mar-2025 06:50:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
set-cookie: receive-cookie-deprecation=1; SameSite=None; Path=/; Max-Age=314496000; Expires=Thu, 23-Nov-2034 06:50:45 GMT; Domain=.adnxs.com; Secure; HttpOnly; Partitioned
x-proxy-origin: 181.215.176.83; 181.215.176.83; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
GET

http://www.google-analytics.com/ga.js

msedge.exe

Remote address:

142.250.200.14:80

Request

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
Date: Thu, 05 Dec 2024 05:44:49 GMT
Expires: Thu, 05 Dec 2024 07:44:49 GMT
Cache-Control: public, max-age=7200
Age: 3956
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
GET

https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

msedge.exe

Remote address:

54.167.69.150:443

Request

GET /widgets/trk/40/artist_560616//t.gif HTTP/2.0
host: www.reverbnation.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 05 Dec 2024 06:50:45 GMT
content-type: image/gif
server: Apache
x-xss-protection: 1; mode=block
pragma: no-cache
expires: PAST DATE
cache-control: no-cache, no-store, post-check=0, pre-check=0, public
content-disposition: inline; filename="track_74072.gif"
content-transfer-encoding: binary
x-digits-of-pi:
x-request-id: 05a3cc89-ca9e-4634-b847-b328071e7aa9
x-runtime: 0.019711
p3p: CP="DSP ALL COR OUR SAMi UNRi CUR ADM TAI IVA IVD CONo BUS DEM UNI STA LOC NAV COM INT", policyref="/w3c/p3p.xml"
GET

https://t.ly/

msedge.exe

Remote address:

104.20.6.133:443

Request

GET / HTTP/2.0
host: t.ly
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 05 Dec 2024 06:50:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkptRW9hYUFFZXo0KzNkZ0J6YVFKeGc9PSIsInZhbHVlIjoiVGMwT1ZuMzZCT0hvRVN3SW9udmVrTlBqVFRWTnloRTRlQVRBVEsrcDJmY3lBMG1EZ044YUJPUkIrSjZXaDlZWGIwa01hemNxMERxY3h2ZGN5OElzZDRoZ0RQcU5xc0JScDBpdit3MTdOQUh4Zkk4RmNLa3NDZ1orY3MrdS9jUUciLCJtYWMiOiIwNWQzZmZmNDBmMWRmYzVhZDQzMzEyMzA3OWQ0OTA4NGVjNzQ2ZmIyODY5MGQ4MWRjM2ViODBhZjVjODViZDBiIiwidGFnIjoiIn0%3D; expires=Thu, 19 Dec 2024 06:50:45 GMT; Max-Age=1209600; path=/; domain=.t.ly; secure; samesite=lax
set-cookie: tly_session=eyJpdiI6IjljWkhWTTVvWk5rQ0FHK0lLRCtONkE9PSIsInZhbHVlIjoiUFBFRWlRblNwVHk0VWl0UTI5SFhrSWNRQ2t3OEdzSmhEMUhnS2E0UkRvZGI1OUhxWmw1UmR5VWplVVorUzRIakxyd2x5by9Sem5uWlhrWnJJYm9LTVFqUyt3RjFPTEFHWDFCWUZQQzBCbUFHUTJKaDBia2NuTkVoOTlYakEzTVUiLCJtYWMiOiI4NGM2Y2E0NmRhNjdiNWZkZDc0MzAxNjQyOGQwMmJkMWY3MzI1ZWRiMDc3Nzc2NWFkZTc1ZGU1NWNlMzc2ZTJiIiwidGFnIjoiIn0%3D; expires=Thu, 19 Dec 2024 06:50:45 GMT; Max-Age=1209600; path=/; domain=.t.ly; secure; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-whom: tly-app
x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
x-do-orig-status: 200
last-modified: Thu, 05 Dec 2024 06:50:45 GMT
cf-cache-status: BYPASS
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 8ed21a935f4a7772-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

http://banner.adsensecamp.com/images/banner/white-cloud.gif

msedge.exe

Remote address:

103.30.145.12:80

Request

GET /images/banner/white-cloud.gif HTTP/1.1
Host: banner.adsensecamp.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx/1.20.1
Date: Thu, 05 Dec 2024 06:50:46 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://banner.adsensecamp.com/images/banner/white-cloud.gif
DNS

crt.rootg2.amazontrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

crt.rootg2.amazontrust.com

IN A

Response

crt.rootg2.amazontrust.com

IN A

3.162.140.15

crt.rootg2.amazontrust.com

IN A

3.162.140.117

crt.rootg2.amazontrust.com

IN A

3.162.140.36

crt.rootg2.amazontrust.com

IN A

3.162.140.85
GET

http://crt.rootg2.amazontrust.com/rootg2.cer

msedge.exe

Remote address:

3.162.140.15:80

Request

GET /rootg2.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: crt.rootg2.amazontrust.com

Response

HTTP/1.1 200 OK

Content-Type: binary/octet-stream
Content-Length: 1145
Connection: keep-alive
Last-Modified: Tue, 19 Nov 2024 12:41:39 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: dX7hle94LlXUy5Ge6SEZs2OAN2frE7Tg
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 05 Dec 2024 05:38:35 GMT
ETag: "c6150925cfea5941ddc7ff2a0a506692"
X-Cache: Hit from cloudfront
Via: 1.1 a4e96ecf509fcfc9f68ca161fa7a61e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P2
X-Amz-Cf-Id: gAuUmCZUmpt2__M3MkqBuvxxgR9jUaqhaFKbToBpqyidIoz1q9rCjQ==
Age: 4331
DNS

213.235.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

213.235.21.104.in-addr.arpa

IN PTR

Response
DNS

150.69.167.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

150.69.167.54.in-addr.arpa

IN PTR

Response

150.69.167.54.in-addr.arpa

IN PTR

ec2-54-167-69-150 compute-1 amazonawscom
DNS

14.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.200.250.142.in-addr.arpa

IN PTR

Response

14.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f141e100net
DNS

56.39.223.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.39.223.52.in-addr.arpa

IN PTR

Response

56.39.223.52.in-addr.arpa

IN PTR

ae3042091b98a96b0awsglobalacceleratorcom
DNS

133.6.20.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.6.20.104.in-addr.arpa

IN PTR

Response
DNS

15.140.162.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.140.162.3.in-addr.arpa

IN PTR

Response

15.140.162.3.in-addr.arpa

IN PTR

server-3-162-140-15dub56r cloudfrontnet
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

241.150.49.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.150.49.20.in-addr.arpa

IN PTR

Response
DNS

googleads.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.200.34
GET

http://www.linkwithin.com/widget.js

msedge.exe

Remote address:

118.139.179.30:80

Request

GET /widget.js HTTP/1.1
Host: www.linkwithin.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Thu, 05 Dec 2024 06:51:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
DNS

chatroll.com

msedge.exe

Remote address:

8.8.8.8:53

Request

chatroll.com

IN A

Response

chatroll.com

IN A

169.47.242.252
GET

http://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

msedge.exe

Remote address:

169.47.242.252:80

Request

GET /embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0 HTTP/1.1
Host: chatroll.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx/1.18.0
Date: Thu, 05 Dec 2024 06:51:07 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
DNS

developers.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

developers.google.com

IN A

Response

developers.google.com

IN A

216.58.201.110
DNS

s10.histats.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s10.histats.com

IN A

Response

s10.histats.com

IN CNAME

s10.histats.com.web.cdn.anycast.me

s10.histats.com.web.cdn.anycast.me

IN CNAME

46-105-201-240.any.cdn.anycast.me

46-105-201-240.any.cdn.anycast.me

IN A

46.105.201.240
GET

http://developers.google.com/

msedge.exe

Remote address:

216.58.201.110:80

Request

GET / HTTP/1.1
Host: developers.google.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Location: https://developers.google.com/
X-Cloud-Trace-Context: 703fb58bb4118d97ef8af22143a3caf0
Date: Thu, 05 Dec 2024 06:51:07 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
GET

http://s10.histats.com/js15.js

msedge.exe

Remote address:

46.105.201.240:80

Request

GET /js15.js HTTP/1.1
Host: s10.histats.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

date: Thu, 05 Dec 2024 06:46:50 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 643039772
content-type: text/javascript
content-length: 4405
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: rbx
x-cdn-pop-ip: 51.68.15.224/27
x-cacheable: Matched cache
accept-ranges: bytes
x-iplb-request-id: B5D7B053:2D3E_2E69C9F0:0050_67514D5B_40300:3C94
x-iplb-instance: 51658
GET

http://s10.histats.com/js15_gif.js

msedge.exe

Remote address:

46.105.201.240:80

Request

GET /js15_gif.js HTTP/1.1
Host: s10.histats.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

date: Thu, 05 Dec 2024 06:51:07 GMT
content-type: text/javascript
content-length: 4422
content-encoding: gzip
etag: "1458891563"
last-modified: Thu, 16 Apr 2020 10:44:17 GMT
vary: Accept-Encoding
x-request-id: 475562287
x-cdn-pop: rbx
x-cdn-pop-ip: 51.68.15.224/27
x-cacheable: Cacheable
accept-ranges: bytes
x-iplb-request-id: B5D7B053:2D3E_2E69C9F0:0050_67514D5B_40306:3C94
x-iplb-instance: 51658
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

74.125.71.84
GET

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6zM9SN8ON8Q.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg%2Fm%3D__features__

msedge.exe

Remote address:

74.125.71.84:443

Request

GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6zM9SN8ON8Q.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg%2Fm%3D__features__ HTTP/2.0
host: accounts.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

msedge.exe

Remote address:

169.47.242.252:443

Request

GET /embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0 HTTP/1.1
Host: chatroll.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx/1.18.0
Date: Thu, 05 Dec 2024 06:51:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: JSESSIONID=1g3959wzxxheq4gnpziffeceq1354920; Path=/; Secure; SameSite=None; Domain=chatroll.com
Expires: Thu, 05 Dec 2024 06:51:06 GMT
Set-Cookie: __ctma=9n3Mez5Cqg6; Path=/; Secure; SameSite=None; Expires=Sat, 05-Dec-2026 06:51:07 GMT; Max-Age=63072000
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Language: en-US
Cache-Control: no-cache
Content-Encoding: gzip
GET

https://chatroll.com/t.gif

msedge.exe

Remote address:

169.47.242.252:443

Request

GET /t.gif HTTP/1.1
Host: chatroll.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=1g3959wzxxheq4gnpziffeceq1354920; __ctma=9n3Mez5Cqg6

Response

HTTP/1.1 200 OK

Server: nginx/1.18.0
Date: Thu, 05 Dec 2024 06:51:08 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
GET

https://chatroll.com/service/engine.js;jsessionid=1g3959wzxxheq4gnpziffeceq1354920

msedge.exe

Remote address:

169.47.242.252:443

Request

GET /service/engine.js;jsessionid=1g3959wzxxheq4gnpziffeceq1354920 HTTP/1.1
Host: chatroll.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=1g3959wzxxheq4gnpziffeceq1354920; __ctma=9n3Mez5Cqg6

Response

HTTP/1.1 200 OK

Server: nginx/1.18.0
Date: Thu, 05 Dec 2024 06:51:08 GMT
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: public
Expires: Thu, 05 Dec 2024 06:51:07 GMT
Cache-Control: no-cache
Last-Modified: Sun, 17 Nov 2024 17:45:19 GMT
ETag: W/"1731865519000"
Content-Encoding: gzip
POST

https://chatroll.com/service/call/plaincall/ServiceInterface.connect.req

msedge.exe

Remote address:

169.47.242.252:443

Request

POST /service/call/plaincall/ServiceInterface.connect.req HTTP/1.1
Host: chatroll.com
Connection: keep-alive
Content-Length: 2046
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: text/plain
Accept: */*
Origin: https://chatroll.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=1g3959wzxxheq4gnpziffeceq1354920; __ctma=9n3Mez5Cqg6

Response

HTTP/1.1 200 OK

Server: nginx/1.18.0
Date: Thu, 05 Dec 2024 06:51:08 GMT
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 05 Dec 2024 06:51:07 GMT
Cache-Control: no-cache
Content-Encoding: gzip
GET

https://chatroll.com/stream.html

msedge.exe

Remote address:

169.47.242.252:443

Request

GET /stream.html HTTP/1.1
Host: chatroll.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=1g3959wzxxheq4gnpziffeceq1354920; __ctma=9n3Mez5Cqg6

Response

HTTP/1.1 200 OK

Server: nginx/1.18.0
Date: Thu, 05 Dec 2024 06:51:08 GMT
Content-Type: text/html
Last-Modified: Sun, 28 Jan 2024 14:27:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"65b66463-78f"
Content-Encoding: gzip
GET

https://chatroll.com/push/8CB0ECDD2176EC75207F7D9346D81996202/xhrinteractive/8CB0ECDD2176EC75207F7D9346D81996202.b5?nc=1733381468334

msedge.exe

Remote address:

169.47.242.252:443

Request

GET /push/8CB0ECDD2176EC75207F7D9346D81996202/xhrinteractive/8CB0ECDD2176EC75207F7D9346D81996202.b5?nc=1733381468334 HTTP/1.1
Host: chatroll.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://chatroll.com/stream.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=1g3959wzxxheq4gnpziffeceq1354920; __ctma=9n3Mez5Cqg6

Response

HTTP/1.1 200 OK

Date: Thu, 05 Dec 2024 06:51:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Cache-Control: no-store, no-cache
Pragma: no-cache
DNS

s4.histats.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s4.histats.com

IN A

Response

s4.histats.com

IN A

149.56.240.130

s4.histats.com

IN A

149.56.240.128

s4.histats.com

IN A

142.4.219.198

s4.histats.com

IN A

149.56.240.132

s4.histats.com

IN A

149.56.240.27

s4.histats.com

IN A

149.56.240.129

s4.histats.com

IN A

158.69.254.144

s4.histats.com

IN A

54.39.128.162

s4.histats.com

IN A

149.56.240.31

s4.histats.com

IN A

149.56.240.127

s4.histats.com

IN A

54.39.156.32

s4.histats.com

IN A

54.39.128.117

s4.histats.com

IN A

149.56.240.131
GET

https://s4.histats.com/stats/2263124.php?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:-136104793&@b3:1733381466&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w

msedge.exe

Remote address:

149.56.240.130:443

Request

GET /stats/2263124.php?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:-136104793&@b3:1733381466&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w HTTP/1.1
Host: s4.histats.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Thu, 05 Dec 2024 06:51:14 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 379
Connection: close
GET

https://developers.google.com/

msedge.exe

Remote address:

216.58.201.110:443

Request

GET / HTTP/2.0
host: developers.google.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.youtube.com/embed/BPvD3IiElyQ

msedge.exe

Remote address:

216.58.201.110:443

Request

GET /embed/BPvD3IiElyQ HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.youtube.com/embed/o6T1zCHUdcI

msedge.exe

Remote address:

216.58.201.110:443

Request

GET /embed/o6T1zCHUdcI HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

googleads.g.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.187.194
DNS

ssl.gstatic.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN A

Response

ssl.gstatic.com

IN A

142.250.200.3
GET

https://s4.histats.com/8005.gif?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:115610103&@b3:1733381467&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w

msedge.exe

Remote address:

149.56.240.130:443

Request

GET /8005.gif?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:115610103&@b3:1733381467&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w HTTP/1.1
Host: s4.histats.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Thu, 05 Dec 2024 06:51:14 GMT
Content-Type: image/gif
Content-Length: 2656
Connection: close
Content-Encoding: gzip
ETag: "2085292598"
Last-Modified: Thu, 16 Apr 2020 10:44:17 GMT
Vary: Accept-Encoding
GET

https://ssl.gstatic.com/accounts/o/2254111616-postmessagerelay.js

msedge.exe

Remote address:

142.250.200.3:443

Request

GET /accounts/o/2254111616-postmessagerelay.js HTTP/2.0
host: ssl.gstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://accounts.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://imemovaz.googlecode.com/files/tripleflap.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/tripleflap.js HTTP/1.1
Host: imemovaz.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1580
Date: Thu, 05 Dec 2024 06:51:07 GMT
DNS

lh3.ggpht.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lh3.ggpht.com

IN A

Response

lh3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

172.217.16.225
GET

http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg HTTP/1.1
Host: lh3.ggpht.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Thu, 05 Dec 2024 06:51:07 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://andreykusanagi.googlecode.com/files/pop-up.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/pop-up.js HTTP/1.1
Host: andreykusanagi.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1576
Date: Thu, 05 Dec 2024 06:51:07 GMT
DNS

dw3mgzt87vzb4.cloudfront.net

msedge.exe

Remote address:

8.8.8.8:53

Request

dw3mgzt87vzb4.cloudfront.net

IN A

Response

dw3mgzt87vzb4.cloudfront.net

IN A

3.165.112.107

dw3mgzt87vzb4.cloudfront.net

IN A

3.165.112.159

dw3mgzt87vzb4.cloudfront.net

IN A

3.165.112.6

dw3mgzt87vzb4.cloudfront.net

IN A

3.165.112.155
DNS

252.242.47.169.in-addr.arpa

Remote address:

8.8.8.8:53

Request

252.242.47.169.in-addr.arpa

IN PTR

Response

252.242.47.169.in-addr.arpa

IN PTR

fcf22fa9ip4static sl-reversecom
DNS

110.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.201.58.216.in-addr.arpa

IN PTR

Response

110.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f141e100net

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f110�I

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f14�I
DNS

240.201.105.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.201.105.46.in-addr.arpa

IN PTR

Response
GET

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.css

msedge.exe

Remote address:

3.165.112.107:443

Request

GET /client/c828c98c/module/cached/module.css HTTP/1.1
Host: dw3mgzt87vzb4.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0
Date: Tue, 17 Sep 2024 21:51:20 GMT
Last-Modified: Sun, 28 Jan 2024 14:27:48 GMT
ETag: W/"65b66464-419a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: https://chatroll.com
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 a355558d5d9571f7ebd7cbb585a0c0b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: 8Ds21mCRtN8v_FI7IcQLQ4otK7NSiNZUN8med4W_bo_W3G7exdZDOg==
Age: 6771587
GET

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.js

msedge.exe

Remote address:

3.165.112.107:443

Request

GET /client/c828c98c/module/cached/module.js HTTP/1.1
Host: dw3mgzt87vzb4.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0
Date: Wed, 20 Nov 2024 14:30:14 GMT
Last-Modified: Sun, 28 Jan 2024 14:27:50 GMT
ETag: W/"65b66466-6cd2b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: https://chatroll.com
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 a355558d5d9571f7ebd7cbb585a0c0b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: G0rZhStGITsPneQfIoaDXoQDdCmHMfUxsb3bJH6Ws-P-b7DrQ8C3vA==
Age: 1268454
GET

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/embed/cached/embed.css

msedge.exe

Remote address:

3.165.112.107:443

Request

GET /client/c828c98c/embed/cached/embed.css HTTP/1.1
Host: dw3mgzt87vzb4.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0
Date: Thu, 18 Jul 2024 23:13:37 GMT
Last-Modified: Sun, 28 Jan 2024 14:27:48 GMT
ETag: W/"65b66464-503"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: https://chatroll.com
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 f9162e3b9b2b755ff58826d46f861a56.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: kiH4Ejjl2QZc676y6s_eR-NPrvlnNnBiINWk6jPRbWRbYEJMZW45oQ==
Age: 12037050
GET

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/init.js

msedge.exe

Remote address:

3.165.112.107:443

Request

GET /client/c828c98c/init.js HTTP/1.1
Host: dw3mgzt87vzb4.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.18.0
Date: Sun, 21 Jul 2024 23:27:22 GMT
Last-Modified: Sun, 28 Jan 2024 14:27:47 GMT
ETag: W/"65b66463-bf7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: https://chatroll.com
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 c638953b8f2f5aaf22f3f10794d5aeac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: 8JxegGnmH1O3tkCrQIhGh8B2bwv2l6vPPOpKaYJXZRtR2LA0Flr_xA==
Age: 11777025
GET

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.png

msedge.exe

Remote address:

3.165.112.107:443

Request

GET /client/c828c98c/module/cached/module.png HTTP/1.1
Host: dw3mgzt87vzb4.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.css
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 19656
Connection: keep-alive
Server: nginx/1.18.0
Date: Sun, 20 Oct 2024 11:33:19 GMT
Last-Modified: Sun, 28 Jan 2024 14:27:48 GMT
ETag: "65b66464-4cc8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: https://chatroll.com
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 c638953b8f2f5aaf22f3f10794d5aeac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: JJ6d-wp4Pru3os-Vf_Y2cRE8s7KJ6w4w-F_lqcZbGKAuUHksy75wMQ==
Age: 3957469
DNS

84.71.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.71.125.74.in-addr.arpa

IN PTR

Response

84.71.125.74.in-addr.arpa

IN PTR

wn-in-f841e100net
DNS

130.240.56.149.in-addr.arpa

Remote address:

8.8.8.8:53

Request

130.240.56.149.in-addr.arpa

IN PTR

Response

130.240.56.149.in-addr.arpa

IN PTR

ns534298 ip-149-56-240net
DNS

3.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.200.250.142.in-addr.arpa

IN PTR

Response

3.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f31e100net
DNS

www.scri8e.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.scri8e.com

IN A

Response

www.scri8e.com

IN A

208.87.227.250
DNS

www.scri8e.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.scri8e.com

IN A

Response

www.scri8e.com

IN A

208.87.227.250
GET

http://www.scri8e.com/white.gif

msedge.exe

Remote address:

208.87.227.250:80

Request

GET /white.gif HTTP/1.1
Host: www.scri8e.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Thu, 05 Dec 2024 06:51:08 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 17 Jan 2007 08:13:09 GMT
ETag: "11ad02a-284-c8c0f40"
Accept-Ranges: bytes
Content-Length: 644
Connection: close
Content-Type: image/gif
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.201.15
DNS

d167qii8h0pw75.cloudfront.net

msedge.exe

Remote address:

8.8.8.8:53

Request

d167qii8h0pw75.cloudfront.net

IN A

Response

d167qii8h0pw75.cloudfront.net

IN A

3.165.224.212

d167qii8h0pw75.cloudfront.net

IN A

3.165.224.164

d167qii8h0pw75.cloudfront.net

IN A

3.165.224.69

d167qii8h0pw75.cloudfront.net

IN A

3.165.224.46
DNS

74.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.204.58.216.in-addr.arpa

IN PTR

Response

74.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f741e100net

74.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f10�H

74.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f10�H
DNS

107.112.165.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

107.112.165.3.in-addr.arpa

IN PTR

Response

107.112.165.3.in-addr.arpa

IN PTR

server-3-165-112-107cdg50r cloudfrontnet
DNS

195.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.187.250.142.in-addr.arpa

IN PTR

Response

195.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f31e100net
DNS

250.227.87.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

250.227.87.208.in-addr.arpa

IN PTR

Response

250.227.87.208.in-addr.arpa

IN PTR

servertandemtablescom
DNS

250.227.87.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

250.227.87.208.in-addr.arpa

IN PTR

Response

250.227.87.208.in-addr.arpa

IN PTR

servertandemtablescom
DNS

15.201.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.201.240.157.in-addr.arpa

IN PTR

Response

15.201.240.157.in-addr.arpa

IN PTR

xx-fbcdn-shv-01-ams4fbcdnnet
GET

https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

msedge.exe

Remote address:

3.165.224.212:443

Request

GET /images/D/E/F/DEFAULTUSER-resize_20x20.png HTTP/1.1
Host: d167qii8h0pw75.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.18.0
Date: Wed, 27 Nov 2024 20:03:25 GMT
Location: https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: Hit from cloudfront
Via: 1.1 03305c04072d4b25e4e9c8aa3afdf2ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P3
X-Amz-Cf-Id: 4HdFaAbSrBJgFXVjfMPPBP3Medo1PYZFB0O54Q1QjADoAKW-FxkHDw==
Age: 643664
GET

https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

msedge.exe

Remote address:

3.165.224.212:443

Request

GET /images/D/E/F/DEFAULTUSER-resize_20x20.jpg HTTP/1.1
Host: d167qii8h0pw75.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Server: nginx/1.18.0
Date: Thu, 21 Nov 2024 11:24:48 GMT
Location: https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache: Hit from cloudfront
Via: 1.1 3dda624923fc4f3e441715eb875fc762.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P3
X-Amz-Cf-Id: i6RX_-mjhAt2QJ03mbrM2fOSJtyPJxOHJpv57sSELcSO_h6FZjpOlg==
Age: 1193181
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.201.35
DNS

d33tru5sm6wy0x.cloudfront.net

msedge.exe

Remote address:

8.8.8.8:53

Request

d33tru5sm6wy0x.cloudfront.net

IN A

Response

d33tru5sm6wy0x.cloudfront.net

IN A

18.66.168.46

d33tru5sm6wy0x.cloudfront.net

IN A

18.66.168.120

d33tru5sm6wy0x.cloudfront.net

IN A

18.66.168.111

d33tru5sm6wy0x.cloudfront.net

IN A

18.66.168.225
GET

https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

msedge.exe

Remote address:

18.66.168.46:443

Request

GET /images/D/E/F/DEFAULTUSER-resize_20x20.png HTTP/1.1
Host: d33tru5sm6wy0x.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/png
Content-Length: 470
Connection: keep-alive
Date: Wed, 04 Dec 2024 18:18:59 GMT
Last-Modified: Tue, 13 Dec 2016 17:24:31 GMT
ETag: "6ac306fbf7cbd22c0e7d83e0c5e82617"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 7f761c2ffb9626f6a53e34913ba35aee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: MLfcyQnKWddZtKwI7ovxYzidPGeNc9PpYrL6nxZXR__owmOL5PQoNQ==
Age: 45130
GET

https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

msedge.exe

Remote address:

18.66.168.46:443

Request

GET /images/D/E/F/DEFAULTUSER-resize_20x20.jpg HTTP/1.1
Host: d33tru5sm6wy0x.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://chatroll.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/jpeg
Content-Length: 415
Connection: keep-alive
Date: Wed, 04 Dec 2024 15:04:35 GMT
Last-Modified: Tue, 13 Dec 2016 17:24:31 GMT
ETag: "b1627bbd09376cde76fe4dc7f6ff7ea3"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 fc92265e3899c24180ac56d6646eec4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: mczl_np1iNFlvoxDwS5H0k5WeNu9pksp_YNPiiUrXYgoXsiMU2PuCw==
Age: 56795
DNS

212.224.165.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

212.224.165.3.in-addr.arpa

IN PTR

Response

212.224.165.3.in-addr.arpa

IN PTR

server-3-165-224-212dub56r cloudfrontnet
DNS

46.168.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.168.66.18.in-addr.arpa

IN PTR

Response

46.168.66.18.in-addr.arpa

IN PTR

server-18-66-168-46dub56r cloudfrontnet
DNS

35.201.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.201.240.157.in-addr.arpa

IN PTR

Response

35.201.240.157.in-addr.arpa

IN PTR

edge-star-mini-shv-01-ams4facebookcom
DNS

200.163.202.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.163.202.172.in-addr.arpa

IN PTR

Response
DNS

nexusrules.officeapps.live.com

Remote address:

8.8.8.8:53

Request

nexusrules.officeapps.live.com

IN A

Response

nexusrules.officeapps.live.com

IN CNAME

prod.nexusrules.live.com.akadns.net

prod.nexusrules.live.com.akadns.net

IN A

52.111.229.48
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

platform.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

platform.twitter.map.fastly.net

platform.twitter.map.fastly.net

IN A

199.232.56.157
DNS

platform.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

platform.twitter.map.fastly.net

platform.twitter.map.fastly.net

IN A

146.75.72.157
DNS

play.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.179.238
POST

https://play.google.com/log?hasfast=true&authuser=0&format=json

msedge.exe

Remote address:

142.250.179.238:443

Request

POST /log?hasfast=true&authuser=0&format=json HTTP/2.0
host: play.google.com
content-length: 894
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.blogger.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.blogger.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://img.youtube.com/vi/LaF4yg8m3-k/default.jpg

msedge.exe

Remote address:

142.250.179.238:443

Request

GET /vi/LaF4yg8m3-k/default.jpg HTTP/2.0
host: img.youtube.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

238.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.179.250.142.in-addr.arpa

IN PTR

Response

238.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f141e100net
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

83.210.23.2.in-addr.arpa

IN PTR

a2-23-210-83deploystaticakamaitechnologiescom
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR

Response

42.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f101e100net
DNS

83.210.23.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.210.23.2.in-addr.arpa

IN PTR
DNS

42.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.200.250.142.in-addr.arpa

IN PTR
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
GET

http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/jquery.colorbox-min.js HTTP/1.1
Host: mybloggertricks.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1589
Date: Thu, 05 Dec 2024 06:51:50 GMT
DNS

s2.sigmirror.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s2.sigmirror.com

IN A

Response
GET

http://vicahya.googlecode.com/files/like.js

msedge.exe

Remote address:

108.177.15.82:80

Request

GET /files/like.js HTTP/1.1
Host: vicahya.googlecode.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1574
Date: Thu, 05 Dec 2024 06:51:51 GMT
DNS

3.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

172.217.16.225
GET

http://3.bp.blogspot.com/-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="floatingfb.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 8431
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 06:50:49 GMT
Expires: Fri, 06 Dec 2024 06:50:49 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "va58"
Content-Type: image/png
Vary: Origin
Age: 62
DNS

133.130.81.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.130.81.91.in-addr.arpa

IN PTR

Response
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

74.125.71.84
DNS

e.dtscout.com

Remote address:

8.8.8.8:53

Request

e.dtscout.com

IN A

Response

e.dtscout.com

IN A

141.101.120.11

e.dtscout.com

IN A

141.101.120.10
DNS

e.dtscout.com

Remote address:

8.8.8.8:53

Request

e.dtscout.com

IN A

Response

e.dtscout.com

IN A

141.101.120.11

e.dtscout.com

IN A

141.101.120.10
DNS

48.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

48.229.111.52.in-addr.arpa

IN PTR

Response
DNS

lh5.googleusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lh5.googleusercontent.com

IN A

Response

lh5.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
DNS

lh6.googleusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

lh6.googleusercontent.com

IN A

Response

lh6.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
DNS

grasakfuckaudio.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

grasakfuckaudio.blogspot.com

IN A

Response

grasakfuckaudio.blogspot.com

IN CNAME

blogspot.l.googleusercontent.com

blogspot.l.googleusercontent.com

IN A

172.217.16.225
GET

http://grasakfuckaudio.blogspot.com/favicon.ico

msedge.exe

Remote address:

172.217.16.225:80

Request

GET /favicon.ico HTTP/1.1
Host: grasakfuckaudio.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 05 Dec 2024 06:52:35 GMT
Date: Thu, 05 Dec 2024 06:52:35 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 05 Oct 2024 07:23:15 GMT
ETag: W/"c63af4d597a4b64858f0572286da50f8a833b9753d6284da0760360ef992294d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=yIl2AUoC8zA

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?d=yIl2AUoC8zA HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:52:35 GMT
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Content-Security-Policy: script-src 'report-sample' 'nonce-fI90gdmvF17xHF7gqzbYlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:52:35 GMT
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Security-Policy: script-src 'report-sample' 'nonce-hzP9s1c3VTQxblJbvMge-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: same-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:52:35 GMT
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Content-Security-Policy: script-src 'report-sample' 'nonce-zUx6dE6IG7zbDMy2Ij8Ltw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=qj6IDK7rITs

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~ff/BelajarMenjadiDj?d=qj6IDK7rITs HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:52:35 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Content-Security-Policy: script-src 'report-sample' 'nonce-OcuExeIYbPc4-FGBsJ5TkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
GET

http://feeds.feedburner.com/~r/BelajarMenjadiDj/~4/7drerI2nHxU

msedge.exe

Remote address:

216.58.212.206:80

Request

GET /~r/BelajarMenjadiDj/~4/7drerI2nHxU HTTP/1.1
Host: feeds.feedburner.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 05 Dec 2024 06:52:35 GMT
Content-Security-Policy: script-src 'report-sample' 'nonce-SYpIvFitNQ5O1AVkkVY4nw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
DNS

damncok.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

damncok.blogspot.com

IN A

Response

damncok.blogspot.com

IN CNAME

blogspot.l.googleusercontent.com

blogspot.l.googleusercontent.com

IN A

172.217.16.225
GET

http://damncok.blogspot.com/

msedge.exe

Remote address:

172.217.16.225:80

Request

GET / HTTP/1.1
Host: damncok.blogspot.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Location: https://damncok.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 05 Dec 2024 06:53:05 GMT
Expires: Thu, 05 Dec 2024 06:53:05 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 195
Server: GSE
GET

https://damncok.blogspot.com/

msedge.exe

Remote address:

172.217.16.225:443

Request

GET / HTTP/2.0
host: damncok.blogspot.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://2.bp.blogspot.com/-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png

msedge.exe

Remote address:

172.217.16.225:443

Request

GET /-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png HTTP/2.0
host: 2.bp.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://3.bp.blogspot.com/-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png

msedge.exe

Remote address:

172.217.16.225:443

Request

GET /-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png HTTP/2.0
host: 3.bp.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

ajax.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

172.217.16.234
GET

https://yourjavascript.com/13717140113/gfa2fb.js

msedge.exe

Remote address:

76.223.54.146:443

Request

GET /13717140113/gfa2fb.js HTTP/2.0
host: yourjavascript.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 114
date: Thu, 05 Dec 2024 06:53:06 GMT
DNS

coepoe.googlecode.com

msedge.exe

Remote address:

8.8.8.8:53

Request

coepoe.googlecode.com

IN A

Response

coepoe.googlecode.com

IN CNAME

googlecode.l.googleusercontent.com

googlecode.l.googleusercontent.com

IN A

108.177.15.82
DNS

s7.addthis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

s7.addthis.com

IN A

Response
DNS

blogger.googleusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

blogger.googleusercontent.com

IN A

Response

blogger.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
DNS

nwidget.networkedblogs.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nwidget.networkedblogs.com

IN A

Response
DNS

fbcdn-sphotos-d-a.akamaihd.net

msedge.exe

Remote address:

8.8.8.8:53

Request

fbcdn-sphotos-d-a.akamaihd.net

IN A

Response

fbcdn-sphotos-d-a.akamaihd.net

IN CNAME

fbcdn-sphotos-d-a.akamaihd.net.edgesuite.net
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.201.15
GET

https://coepoe.googlecode.com/files/label.js

msedge.exe

Remote address:

108.177.15.82:443

Request

GET /files/label.js HTTP/2.0
host: coepoe.googlecode.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://connect.facebook.net/en_US/all.js

msedge.exe

Remote address:

157.240.201.15:443

Request

GET /en_US/all.js HTTP/2.0
host: connect.facebook.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://connect.facebook.net/en_US/all.js?hash=e5b0715604e340fb48d262321c6a2c4a

msedge.exe

Remote address:

157.240.201.15:443

Request

GET /en_US/all.js?hash=e5b0715604e340fb48d262321c6a2c4a HTTP/2.0
host: connect.facebook.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://damncok.blogspot.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static.xx.fbcdn.net/rsrc.php/v4/yR/r/teE39sffXW8.png

msedge.exe

Remote address:

157.240.201.15:443

Request

GET /rsrc.php/v4/yR/r/teE39sffXW8.png HTTP/2.0
host: static.xx.fbcdn.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.facebook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static.xx.fbcdn.net/rsrc.php/v4i7M54/yS/l/en_US/XQ_d_y3IWvS.js

msedge.exe

Remote address:

157.240.201.15:443

Request

GET /rsrc.php/v4i7M54/yS/l/en_US/XQ_d_y3IWvS.js HTTP/2.0
host: static.xx.fbcdn.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.facebook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static.xx.fbcdn.net/rsrc.php/v4/yx/r/iqVGY7gYXlg.gif

msedge.exe

Remote address:

157.240.201.15:443

Request

GET /rsrc.php/v4/yx/r/iqVGY7gYXlg.gif HTTP/2.0
host: static.xx.fbcdn.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.facebook.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

www.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

172.217.169.46

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.200.14
DNS

platform.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

platform.twitter.map.fastly.net

platform.twitter.map.fastly.net

IN A

199.232.56.157
GET

https://googleads.g.doubleclick.net/pagead/id

msedge.exe

Remote address:

142.250.187.194:443

Request

GET /pagead/id HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://www.youtube.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://platform.twitter.com/widgets.js

msedge.exe

Remote address:

199.232.56.157:443

Request

GET /widgets.js HTTP/2.0
host: platform.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 11 Dec 2023 17:20:28 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=1800
content-type: application/javascript; charset=utf-8
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 05 Dec 2024 06:53:07 GMT
x-served-by: cache-iad-kcgs7200137-IAD, cache-lon4245-LON
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 27597
GET

https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fdamncok.blogspot.com

msedge.exe

Remote address:

199.232.56.157:443

Request

GET /widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fdamncok.blogspot.com HTTP/2.0
host: platform.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 11 Dec 2023 17:19:49 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 05 Dec 2024 06:53:08 GMT
x-served-by: cache-iad-kiad7000164-IAD, cache-lon4245-LON
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105429
GET

https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js

msedge.exe

Remote address:

199.232.56.157:443

Request

GET /js/button.856debeac157d9669cf51e73a08fbc93.js HTTP/2.0
host: platform.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 11 Dec 2023 17:19:47 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=315360000
content-type: application/javascript; charset=utf-8
etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 05 Dec 2024 06:53:09 GMT
x-served-by: cache-iad-kiad7000114-IAD, cache-lon4245-LON
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 2620
GET

https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html

msedge.exe

Remote address:

199.232.56.157:443

Request

GET /widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html HTTP/2.0
host: platform.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Mon, 11 Dec 2023 17:19:47 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "bf4801052efb5f8f12057c849e9b590f+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Thu, 05 Dec 2024 06:53:09 GMT
x-served-by: cache-iad-kcgs7200083-IAD, cache-lon4245-LON
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13712
DNS

234.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.16.217.172.in-addr.arpa

IN PTR

Response

234.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f101e100net

234.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f10�I
DNS

2.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.180.250.142.in-addr.arpa

IN PTR

Response

2.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f21e100net
DNS

194.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.187.250.142.in-addr.arpa

IN PTR

Response

194.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f21e100net
DNS

14.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.213.58.216.in-addr.arpa

IN PTR

Response

14.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f141e100net

14.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f14�H
DNS

157.56.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.56.232.199.in-addr.arpa

IN PTR

Response
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.221.35
DNS

i.ytimg.com

msedge.exe

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

216.58.204.86

i.ytimg.com

IN A

216.58.212.214

i.ytimg.com

IN A

216.58.201.118

i.ytimg.com

IN A

142.250.179.246

i.ytimg.com

IN A

172.217.169.22

i.ytimg.com

IN A

142.250.178.22

i.ytimg.com

IN A

142.250.200.54

i.ytimg.com

IN A

142.250.187.214

i.ytimg.com

IN A

172.217.16.246

i.ytimg.com

IN A

142.250.180.22

i.ytimg.com

IN A

142.250.200.22

i.ytimg.com

IN A

142.250.187.246

i.ytimg.com

IN A

216.58.212.246

i.ytimg.com

IN A

172.217.169.86

i.ytimg.com

IN A

172.217.169.54
DNS

img.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

img.youtube.com

IN A

Response

img.youtube.com

IN CNAME

ytimg.l.google.com

ytimg.l.google.com

IN A

142.250.200.46

ytimg.l.google.com

IN A

142.250.180.14

ytimg.l.google.com

IN A

216.58.212.206

ytimg.l.google.com

IN A

172.217.16.238

ytimg.l.google.com

IN A

142.250.187.238

ytimg.l.google.com

IN A

172.217.169.78

ytimg.l.google.com

IN A

142.250.187.206

ytimg.l.google.com

IN A

142.250.178.14

ytimg.l.google.com

IN A

172.217.169.46

ytimg.l.google.com

IN A

216.58.212.238

ytimg.l.google.com

IN A

216.58.204.78

ytimg.l.google.com

IN A

142.250.179.238

ytimg.l.google.com

IN A

142.250.200.14

ytimg.l.google.com

IN A

216.58.201.110

ytimg.l.google.com

IN A

172.217.169.14
DNS

img.youtube.com

msedge.exe

Remote address:

8.8.8.8:53

Request

img.youtube.com

IN A

Response

img.youtube.com

IN CNAME

ytimg.l.google.com

ytimg.l.google.com

IN A

216.58.204.78

ytimg.l.google.com

IN A

142.250.178.14

ytimg.l.google.com

IN A

142.250.187.238

ytimg.l.google.com

IN A

172.217.16.238

ytimg.l.google.com

IN A

142.250.187.206

ytimg.l.google.com

IN A

172.217.169.78

ytimg.l.google.com

IN A

142.250.179.238

ytimg.l.google.com

IN A

216.58.212.238

ytimg.l.google.com

IN A

216.58.212.206

ytimg.l.google.com

IN A

172.217.169.46

ytimg.l.google.com

IN A

172.217.169.14

ytimg.l.google.com

IN A

142.250.200.46

ytimg.l.google.com

IN A

216.58.201.110

ytimg.l.google.com

IN A

142.250.180.14

ytimg.l.google.com

IN A

142.250.200.14
DNS

35.221.240.157.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.221.240.157.in-addr.arpa

IN PTR

Response

35.221.240.157.in-addr.arpa

IN PTR

edge-star-mini-shv-01-lhr8facebookcom
DNS

syndication.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

syndication.twitter.com

IN A

Response

syndication.twitter.com

IN A

104.244.42.200
DNS

syndication.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

syndication.twitter.com

IN A

Response

syndication.twitter.com

IN A

104.244.42.200
GET

https://syndication.twitter.com/settings?session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

msedge.exe

Remote address:

104.244.42.200:443

Request

GET /settings?session_id=5de96c618f4e0e6d609f93fdca37123290e159c9 HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://platform.twitter.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://platform.twitter.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 05 Dec 2024 06:53:08 GMT
perf: 7402827104
vary: Origin
server: tsa_f
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Thu, 05 Dec 2024 06:53:08 GMT
content-length: 337
content-encoding: gzip
x-transaction-id: 1b6bd77b7b1645e9
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: 4e585f9604444adada79c73327300f5ca309b29eb04020ec9caea626595d6cf7
GET

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588693%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

msedge.exe

Remote address:

104.244.42.200:443

Request

GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588693%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9 HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 05 Dec 2024 06:53:08 GMT
perf: 7402827104
vary: Origin
server: tsa_f
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Thu, 05 Dec 2024 06:53:09 GMT
content-length: 43
x-transaction-id: 1094b2fb3893af40
strict-transport-security: max-age=631138519
x-response-time: 100
x-connection-hash: 4e585f9604444adada79c73327300f5ca309b29eb04020ec9caea626595d6cf7
GET

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588694%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

msedge.exe

Remote address:

104.244.42.200:443

Request

GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588694%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9 HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 05 Dec 2024 06:53:09 GMT
perf: 7402827104
vary: Origin
server: tsa_f
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Thu, 05 Dec 2024 06:53:09 GMT
content-length: 43
x-transaction-id: 59bcdb526edb01a0
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 4e585f9604444adada79c73327300f5ca309b29eb04020ec9caea626595d6cf7
DNS

static.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.xx.fbcdn.net

IN A

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.201.15
DNS

86.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.204.58.216.in-addr.arpa

IN PTR

Response

86.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f221e100net

86.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f22�H

86.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f86�H
DNS

200.42.244.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.42.244.104.in-addr.arpa

IN PTR

Response
DNS

jnn-pa.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

142.250.200.42

jnn-pa.googleapis.com

IN A

172.217.169.74

jnn-pa.googleapis.com

IN A

172.217.169.10

jnn-pa.googleapis.com

IN A

142.250.179.234

jnn-pa.googleapis.com

IN A

216.58.201.106

jnn-pa.googleapis.com

IN A

142.250.178.10

jnn-pa.googleapis.com

IN A

142.250.187.202

jnn-pa.googleapis.com

IN A

172.217.16.234

jnn-pa.googleapis.com

IN A

142.250.187.234

jnn-pa.googleapis.com

IN A

216.58.204.74

jnn-pa.googleapis.com

IN A

216.58.212.202

jnn-pa.googleapis.com

IN A

142.250.180.10

jnn-pa.googleapis.com

IN A

172.217.169.42

jnn-pa.googleapis.com

IN A

142.250.200.10
GET

https://static.doubleclick.net/instream/ad_status.js

msedge.exe

Remote address:

142.250.187.230:443

Request

GET /instream/ad_status.js HTTP/2.0
host: static.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

msedge.exe

Remote address:

142.250.200.42:443

Request

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.1

twitter.com

IN A

104.244.42.193

twitter.com

IN A

104.244.42.65

twitter.com

IN A

104.244.42.129
DNS

ep1.adtrafficquality.google

msedge.exe

Remote address:

8.8.8.8:53

Request

ep1.adtrafficquality.google

IN A

Response

ep1.adtrafficquality.google

IN A

142.250.180.2
DNS

play.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.179.238
DNS

ep2.adtrafficquality.google

msedge.exe

Remote address:

8.8.8.8:53

Request

ep2.adtrafficquality.google

IN A

Response

ep2.adtrafficquality.google

IN A

216.58.201.97
GET

https://ep2.adtrafficquality.google/sodar/sodar2.js

msedge.exe

Remote address:

216.58.201.97:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: ep2.adtrafficquality.google
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://damncok.blogspot.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

230.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

230.187.250.142.in-addr.arpa

IN PTR

Response

230.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f61e100net
DNS

97.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.201.58.216.in-addr.arpa

IN PTR

Response

97.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f971e100net

97.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f1�H

97.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f1�H

76.223.54.146:80

http://yourjavascript.com/31244224371/fb.js

http

msedge.exe

546 B
431 B
5
4

HTTP Request

GET http://yourjavascript.com/31244224371/fb.js

HTTP Response

200
142.250.179.234:443

https://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js

tls, http2

msedge.exe

4.0kB
71.7kB
61
61

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js
142.250.179.234:443

ajax.googleapis.com

tls, http2

msedge.exe

999 B
6.0kB
9
8
142.250.179.233:443

https://www.blogger.com/static/v1/widgets/2518973450-widgets.js

tls, http2

msedge.exe

3.1kB
70.4kB
42
64

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2727757643-css_bundle_v2.css

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2518973450-widgets.js
142.250.178.14:443

https://apis.google.com/js/plusone.js

tls, http2

msedge.exe

2.5kB
32.2kB
32
33

HTTP Request

GET https://apis.google.com/js/plusone.js
142.250.179.226:445

pagead2.googlesyndication.com

260 B
5
76.223.54.146:80

http://yourjavascript.com/290582211131/auto-like-10-seconds.js

http

msedge.exe

565 B
431 B
5
4

HTTP Request

GET http://yourjavascript.com/290582211131/auto-like-10-seconds.js

HTTP Response

200
76.223.54.146:80

http://yourjavascript.com/03931371151/gfafb.js

http

msedge.exe

549 B
431 B
5
4

HTTP Request

GET http://yourjavascript.com/03931371151/gfafb.js

HTTP Response

200
118.139.179.30:80

http://www.linkwithin.com/widget.js

http

msedge.exe

538 B
679 B
5
4

HTTP Request

GET http://www.linkwithin.com/widget.js

HTTP Response

404
142.250.187.196:80

http://www.google.com/jsapi

http

msedge.exe

622 B
908 B
7
6

HTTP Request

GET http://www.google.com/jsapi

HTTP Response

301
108.177.15.82:80

http://imemovaz.googlecode.com/files/tripleflap.js

http

msedge.exe

599 B
1.9kB
6
5

HTTP Request

GET http://imemovaz.googlecode.com/files/tripleflap.js

HTTP Response

404
172.217.16.225:80

http://2.bp.blogspot.com/-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg

http

msedge.exe

2.8kB
98.8kB
43
77

HTTP Request

GET http://2.bp.blogspot.com/-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg

HTTP Response

200
108.177.15.82:80

http://andreykusanagi.googlecode.com/files/pop-up.js

http

msedge.exe

601 B
1.9kB
6
5

HTTP Request

GET http://andreykusanagi.googlecode.com/files/pop-up.js

HTTP Response

404
104.21.59.55:80

http://www.lintas.me/assets/scripts/widget_v2.js

http

msedge.exe

643 B
1.3kB
7
6

HTTP Request

GET http://www.lintas.me/assets/scripts/widget_v2.js

HTTP Response

301
108.177.15.82:80

http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

http

msedge.exe

615 B
2.0kB
6
5

HTTP Request

GET http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

HTTP Response

404
108.177.15.82:80

http://vicahya.googlecode.com/files/like.js

http

msedge.exe

592 B
1.9kB
6
5

HTTP Request

GET http://vicahya.googlecode.com/files/like.js

HTTP Response

404
52.222.169.79:80

http://js-kit.com/ratings.js

http

msedge.exe

623 B
858 B
7
6

HTTP Request

GET http://js-kit.com/ratings.js

HTTP Response

301
103.30.145.12:80

http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

http

msedge.exe

758 B
772 B
7
6

HTTP Request

GET http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

HTTP Response

301
103.30.145.12:80

http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

http

msedge.exe

803 B
811 B
8
7

HTTP Request

GET http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

HTTP Response

301
103.30.145.12:80

http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

http

msedge.exe

759 B
773 B
7
6

HTTP Request

GET http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

HTTP Response

301
118.139.179.30:80

http://www.linkwithin.com/pixel.png

http

msedge.exe

588 B
679 B
5
4

HTTP Request

GET http://www.linkwithin.com/pixel.png

HTTP Response

404
52.222.169.79:443

https://js-kit.com/ratings.js

tls, http2

msedge.exe

2.5kB
33.9kB
34
35

HTTP Request

GET https://js-kit.com/ratings.js

HTTP Response

200
172.217.16.225:80

http://2.bp.blogspot.com/-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg

http

msedge.exe

1.5kB
15.6kB
14
17

HTTP Request

GET http://2.bp.blogspot.com/-OH9BCX7OMPs/UO9qNaD-cdI/AAAAAAAABM4/8oC_1l1WnTQ/s200/edmmusic1.jpg

HTTP Response

200

HTTP Request

GET http://2.bp.blogspot.com/-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg

HTTP Response

200
142.250.179.233:443

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

tls, http2

msedge.exe

1.9kB
6.9kB
16
15

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png
216.58.212.206:80

http://feeds.feedburner.com/DcmGaleri.2.gif

http

msedge.exe

872 B
8.2kB
11
11

HTTP Request

GET http://feeds.feedburner.com/DcmGaleri.2.gif

HTTP Response

200
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=yIl2AUoC8zA

http

msedge.exe

661 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=yIl2AUoC8zA

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI

http

msedge.exe

685 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU

http

msedge.exe

685 B
2.4kB
6
5

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU

HTTP Response

404
103.30.145.12:80

adsensecamp.com

msedge.exe

374 B
224 B
8
5
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=qj6IDK7rITs

http

msedge.exe

661 B
2.4kB
6
5

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=qj6IDK7rITs

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~r/BelajarMenjadiDj/~4/7drerI2nHxU

http

msedge.exe

661 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~r/BelajarMenjadiDj/~4/7drerI2nHxU

HTTP Response

404
142.250.200.33:443

https://lh6.googleusercontent.com/-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg

tls, http2

msedge.exe

3.4kB
19.0kB
34
42

HTTP Request

GET https://lh5.googleusercontent.com/proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu

HTTP Request

GET https://lh5.googleusercontent.com/proxy/T5nDK30cBcCaH06HgEPaN4APRcnXMHqjX-WMexxv5oGAiw6Z1FYDBT_VKCLuXP3cVECiyF7Hjkg4u2uVs1bgrDHmt9OIlGs=w72-h72-p-k-no-nu

HTTP Request

GET https://lh4.googleusercontent.com/proxy/9xkkQQjNY5WKSzxRwb-yteCFeLCeY5cssIN6iiSSEwH_nrP7Lo2jQvNiMJdDFVilfsqu3x_lyzLiQx0hcf4mBP28-VYCmLGdaxG-B0DZU21BHQ=w72-h72-p-k-no-nu

HTTP Request

GET https://lh6.googleusercontent.com/-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg
103.30.145.12:443

https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

tls, http

msedge.exe

2.6kB
5.6kB
11
9

HTTP Request

GET https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

HTTP Response

200
103.30.145.12:443

https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

tls, http

msedge.exe

2.6kB
5.6kB
10
9

HTTP Request

GET https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

HTTP Response

200
142.250.200.33:443

lh3.googleusercontent.com

msedge.exe

98 B
52 B
2
1
172.217.16.225:80

http://4.bp.blogspot.com/_l0xe23ajLo8/TF8GVOyGyHI/AAAAAAAAAD8/IHD-uyZxZSg/w72-h72-p-k-no-nu/Untitled-1.jpg

http

msedge.exe

1.3kB
7.6kB
10
11

HTTP Request

GET http://4.bp.blogspot.com/-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg

HTTP Response

200

HTTP Request

GET http://4.bp.blogspot.com/_l0xe23ajLo8/TF8GVOyGyHI/AAAAAAAAAD8/IHD-uyZxZSg/w72-h72-p-k-no-nu/Untitled-1.jpg

HTTP Response

200
172.217.16.225:80

http://4.bp.blogspot.com/-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg

http

msedge.exe

811 B
4.6kB
8
9

HTTP Request

GET http://4.bp.blogspot.com/-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg

HTTP Response

200
103.30.145.12:443

https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

tls, http

msedge.exe

2.6kB
5.6kB
10
9

HTTP Request

GET https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

HTTP Response

200
142.250.200.33:443

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vNkZqZhsrm6DSCh_g-K38Ai5aot4dyVQecYTuQa13l-k0qm6m2lKYYXKdN5FFmUiPoFoXtP4ndnqLcPqBGzeb022bDVz4v5uTIWyhvwmOeBBGfNlKHwccxB3Y2pNyopaw2RVRI=s0-d

tls, http2

msedge.exe

3.8kB
18.1kB
35
47

HTTP Request

GET https://lh3.googleusercontent.com/proxy/MI1vj8biHQqzeFfFdXAQTtDF550fkmgqptDp9gnCfTit2g_n3Sm1cf9m_UzxIh-ada0zaCIwV52AN9GQrgzOipJG9Xc=w72-h72-n-k-no-nu

HTTP Request

GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vnUP1ZxpakSTQUphCAS95o9gIaPuxUaf_5MUSr96aIjvfv1-oah9pyTi1hsdiTXPjvRP98yKR2wT06ZrPmSl3DBT7mN41lDaQaQ0RFSKqeN6dG8OGC29Yt0QP-yoCoYPz3tg=s0-d

HTTP Request

GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ukDjIRa6dOJb17TWM4bSJbH1o7oXYCAXg-ofD2i4anPgqoznQ_t4z-dEbucapC-MzAMqBpCzmn2osR6dyHQkwJzfgOcg1kBcwk=s0-d

HTTP Request

GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tG_IrxviEZ4K0tmNMaEd-7UZhlXP4FuVvJRwfsWY3oS0KGtwuiDETSMtthx8EeTPJ8TDaVllwXmHfe2w41kQrti4MnIP7mJr4=s0-d

HTTP Request

GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tbm9Ya4BHVnqBWNjJy7P9kQVWgStlPEmNoG48pteJ5FCAh2ErSLjtxfEhq0gz3j_6E732rRtOv1zrziFMcZgpuY2u_ucqlFUEwB6O6hRbOJVNaarYj8jlnOlP88XZVvSk=s0-d

HTTP Request

GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vNkZqZhsrm6DSCh_g-K38Ai5aot4dyVQecYTuQa13l-k0qm6m2lKYYXKdN5FFmUiPoFoXtP4ndnqLcPqBGzeb022bDVz4v5uTIWyhvwmOeBBGfNlKHwccxB3Y2pNyopaw2RVRI=s0-d
103.30.145.12:443

adsensecamp.com

tls

msedge.exe

2.0kB
3.7kB
10
10
54.167.69.150:80

http://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

http

msedge.exe

708 B
478 B
7
6

HTTP Request

GET http://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

HTTP Response

301
185.89.210.46:80

http://ib.adnxs.com/seg?add=405193&t=2

http

msedge.exe

637 B
1.1kB
6
5

HTTP Request

GET http://ib.adnxs.com/seg?add=405193&t=2

HTTP Response

307
104.21.235.213:80

http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png

http

msedge.exe

680 B
1.2kB
6
5

HTTP Request

GET http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png

HTTP Response

404
185.89.210.46:443

https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2

tls, http2

msedge.exe

2.7kB
5.6kB
14
13

HTTP Request

GET https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D405193%26t%3D2

HTTP Response

307

HTTP Request

GET https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2

HTTP Response

200
142.250.200.14:80

http://www.google-analytics.com/ga.js

http

msedge.exe

908 B
18.8kB
13
19

HTTP Request

GET http://www.google-analytics.com/ga.js

HTTP Response

200
54.167.69.150:443

https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

tls, http2

msedge.exe

1.7kB
7.0kB
14
17

HTTP Request

GET https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

HTTP Response

200
52.223.39.56:443

www.alertpay.com

tls

msedge.exe

2.0kB
5.0kB
10
10
104.20.6.133:443

https://t.ly/

tls, http2

msedge.exe

2.2kB
23.3kB
27
29

HTTP Request

GET https://t.ly/

HTTP Response

200
103.30.145.12:80

http://banner.adsensecamp.com/images/banner/white-cloud.gif

http

msedge.exe

750 B
668 B
8
6

HTTP Request

GET http://banner.adsensecamp.com/images/banner/white-cloud.gif

HTTP Response

301
142.250.180.2:139

pagead2.googlesyndication.com

260 B
5
3.162.140.15:80

http://crt.rootg2.amazontrust.com/rootg2.cer

http

msedge.exe

459 B
1.9kB
7
5

HTTP Request

GET http://crt.rootg2.amazontrust.com/rootg2.cer

HTTP Response

200
103.30.145.12:80

banner.adsensecamp.com

msedge.exe

374 B
224 B
8
5
103.30.145.12:443

banner.adsensecamp.com

tls

msedge.exe

1.9kB
3.2kB
8
6
103.30.145.12:443

banner.adsensecamp.com

tls

msedge.exe

1.9kB
3.2kB
8
6
118.139.179.30:80

http://www.linkwithin.com/widget.js

http

msedge.exe

538 B
679 B
5
4

HTTP Request

GET http://www.linkwithin.com/widget.js

HTTP Response

404
142.250.200.34:445

googleads.g.doubleclick.net

260 B
5
118.139.179.30:80

www.linkwithin.com

msedge.exe

288 B
196 B
6
4
169.47.242.252:80

http://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

http

msedge.exe

821 B
684 B
7
6

HTTP Request

GET http://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

HTTP Response

301
216.58.201.110:80

http://developers.google.com/

http

msedge.exe

729 B
475 B
6
5

HTTP Request

GET http://developers.google.com/

HTTP Response

301
46.105.201.240:80

http://s10.histats.com/js15_gif.js

http

msedge.exe

1.3kB
10.2kB
10
12

HTTP Request

GET http://s10.histats.com/js15.js

HTTP Response

200

HTTP Request

GET http://s10.histats.com/js15_gif.js

HTTP Response

200
74.125.71.84:443

https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6zM9SN8ON8Q.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg%2Fm%3D__features__

tls, http2

msedge.exe

2.1kB
7.2kB
16
17

HTTP Request

GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6zM9SN8ON8Q.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg%2Fm%3D__features__
169.47.242.252:443

https://chatroll.com/push/8CB0ECDD2176EC75207F7D9346D81996202/xhrinteractive/8CB0ECDD2176EC75207F7D9346D81996202.b5?nc=1733381468334

tls, http

msedge.exe

8.8kB
15.0kB
36
34

HTTP Request

GET https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

HTTP Response

200

HTTP Request

GET https://chatroll.com/t.gif

HTTP Response

200

HTTP Request

GET https://chatroll.com/service/engine.js;jsessionid=1g3959wzxxheq4gnpziffeceq1354920

HTTP Response

200

HTTP Request

POST https://chatroll.com/service/call/plaincall/ServiceInterface.connect.req

HTTP Response

200

HTTP Request

GET https://chatroll.com/stream.html

HTTP Response

200

HTTP Request

GET https://chatroll.com/push/8CB0ECDD2176EC75207F7D9346D81996202/xhrinteractive/8CB0ECDD2176EC75207F7D9346D81996202.b5?nc=1733381468334

HTTP Response

200
149.56.240.130:443

https://s4.histats.com/stats/2263124.php?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:-136104793&@b3:1733381466&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w

tls, http

msedge.exe

2.3kB
4.2kB
9
10

HTTP Request

GET https://s4.histats.com/stats/2263124.php?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:-136104793&@b3:1733381466&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w

HTTP Response

200
216.58.201.110:443

https://www.youtube.com/embed/o6T1zCHUdcI

tls, http2

msedge.exe

4.0kB
84.4kB
55
78

HTTP Request

GET https://developers.google.com/

HTTP Request

GET https://www.youtube.com/embed/BPvD3IiElyQ

HTTP Request

GET https://www.youtube.com/embed/o6T1zCHUdcI
149.56.240.130:443

https://s4.histats.com/8005.gif?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:115610103&@b3:1733381467&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w

tls, http

msedge.exe

2.3kB
6.6kB
9
10

HTTP Request

GET https://s4.histats.com/8005.gif?2263124&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20Langkah%20%3Clink%20href%3D%27http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif%27%20rel%3D%27shortcut%20icon%27%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:115610103&@b3:1733381467&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Fc66d4e415174b45316e52eb83e11060e_JaffaCakes118.html&@w

HTTP Response

200
142.250.200.3:443

https://ssl.gstatic.com/accounts/o/2254111616-postmessagerelay.js

tls, http2

msedge.exe

1.9kB
11.4kB
18
17

HTTP Request

GET https://ssl.gstatic.com/accounts/o/2254111616-postmessagerelay.js
108.177.15.82:80

http://imemovaz.googlecode.com/files/tripleflap.js

http

msedge.exe

599 B
1.9kB
6
5

HTTP Request

GET http://imemovaz.googlecode.com/files/tripleflap.js

HTTP Response

404
172.217.16.225:80

http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

http

msedge.exe

684 B
1.4kB
6
5

HTTP Request

GET http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

HTTP Response

404
142.250.187.194:139

googleads.g.doubleclick.net

260 B
5
108.177.15.82:80

http://andreykusanagi.googlecode.com/files/pop-up.js

http

msedge.exe

601 B
1.9kB
6
5

HTTP Request

GET http://andreykusanagi.googlecode.com/files/pop-up.js

HTTP Response

404
3.165.112.107:443

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.js

tls, http

msedge.exe

4.6kB
147.6kB
62
113

HTTP Request

GET https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.css

HTTP Response

200

HTTP Request

GET https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.js

HTTP Response

200
3.165.112.107:443

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/embed/cached/embed.css

tls, http

msedge.exe

1.6kB
7.9kB
10
12

HTTP Request

GET https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/embed/cached/embed.css

HTTP Response

200
3.165.112.107:443

https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.png

tls, http

msedge.exe

2.7kB
29.8kB
19
29

HTTP Request

GET https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/init.js

HTTP Response

200

HTTP Request

GET https://dw3mgzt87vzb4.cloudfront.net/client/c828c98c/module/cached/module.png

HTTP Response

200
208.87.227.250:80

http://www.scri8e.com/white.gif

http

msedge.exe

584 B
1.1kB
5
5

HTTP Request

GET http://www.scri8e.com/white.gif

HTTP Response

200
169.47.242.252:443

chatroll.com

tls

msedge.exe

889 B
531 B
7
8
208.87.227.250:80

www.scri8e.com

msedge.exe

444 B
340 B
9
7
157.240.201.15:443

connect.facebook.net

tls

msedge.exe

3.3kB
85.4kB
46
77
3.165.224.212:443

https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

tls, http

msedge.exe

1.7kB
7.4kB
10
12

HTTP Request

GET https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

HTTP Response

301
3.165.224.212:443

https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

tls, http

msedge.exe

1.7kB
7.4kB
10
13

HTTP Request

GET https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

HTTP Response

301
157.240.201.35:443

www.facebook.com

tls

msedge.exe

1.9kB
5.2kB
15
15
18.66.168.46:443

https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

tls, http

msedge.exe

1.7kB
7.7kB
11
13

HTTP Request

GET https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

HTTP Response

200
18.66.168.46:443

https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

tls, http

msedge.exe

1.7kB
7.6kB
11
13

HTTP Request

GET https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

HTTP Response

200
199.232.56.157:445

platform.twitter.com

260 B
5
146.75.72.157:139

platform.twitter.com

260 B
5
142.250.179.238:443

https://img.youtube.com/vi/LaF4yg8m3-k/default.jpg

tls, http2

msedge.exe

3.2kB
10.2kB
19
23

HTTP Request

POST https://play.google.com/log?hasfast=true&authuser=0&format=json

HTTP Request

GET https://img.youtube.com/vi/LaF4yg8m3-k/default.jpg
108.177.15.82:80

http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

http

msedge.exe

713 B
3.4kB
8
6

HTTP Request

GET http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

HTTP Response

404
108.177.15.82:80

http://vicahya.googlecode.com/files/like.js

http

msedge.exe

592 B
1.9kB
6
5

HTTP Request

GET http://vicahya.googlecode.com/files/like.js

HTTP Response

404
172.217.16.225:80

http://3.bp.blogspot.com/-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png

http

msedge.exe

785 B
9.3kB
8
10

HTTP Request

GET http://3.bp.blogspot.com/-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png

HTTP Response

200
142.250.200.2:445

pagead2.googlesyndication.com

260 B
5
157.240.221.35:445

www.facebook.com

260 B
5
142.250.180.2:139

pagead2.googlesyndication.com

260 B
5
169.47.242.252:443

chatroll.com

tls

msedge.exe

3.5kB
5.9kB
25
23
141.101.120.11:445

e.dtscout.com

260 B
5
141.101.120.10:445

e.dtscout.com

260 B
5
172.217.16.225:80

http://grasakfuckaudio.blogspot.com/favicon.ico

http

msedge.exe

554 B
1.0kB
4
4

HTTP Request

GET http://grasakfuckaudio.blogspot.com/favicon.ico

HTTP Response

200
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=yIl2AUoC8zA

http

msedge.exe

661 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=yIl2AUoC8zA

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI

http

msedge.exe

685 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:-BTjWOF_DHI

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU

http

msedge.exe

731 B
2.5kB
7
6

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?i=7drerI2nHxU:5SNctip5VOw:4cEx4HpKnUU

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=qj6IDK7rITs

http

msedge.exe

661 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~ff/BelajarMenjadiDj?d=qj6IDK7rITs

HTTP Response

404
216.58.212.206:80

http://feeds.feedburner.com/~r/BelajarMenjadiDj/~4/7drerI2nHxU

http

msedge.exe

661 B
2.5kB
6
6

HTTP Request

GET http://feeds.feedburner.com/~r/BelajarMenjadiDj/~4/7drerI2nHxU

HTTP Response

404
172.217.16.225:80

http://damncok.blogspot.com/

http

msedge.exe

636 B
796 B
4
4

HTTP Request

GET http://damncok.blogspot.com/

HTTP Response

301
172.217.16.225:80

damncok.blogspot.com

msedge.exe

98 B
52 B
2
1
172.217.16.225:443

https://3.bp.blogspot.com/-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png

tls, http2

msedge.exe

3.2kB
64.5kB
37
63

HTTP Request

GET https://damncok.blogspot.com/

HTTP Request

GET https://2.bp.blogspot.com/-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png

HTTP Request

GET https://3.bp.blogspot.com/-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png
76.223.54.146:443

https://yourjavascript.com/13717140113/gfa2fb.js

tls, http2

msedge.exe

1.6kB
4.4kB
11
11

HTTP Request

GET https://yourjavascript.com/13717140113/gfa2fb.js

HTTP Response

200
108.177.15.82:443

https://coepoe.googlecode.com/files/label.js

tls, http2

msedge.exe

1.7kB
7.9kB
13
15

HTTP Request

GET https://coepoe.googlecode.com/files/label.js
157.240.201.15:443

https://static.xx.fbcdn.net/rsrc.php/v4/yx/r/iqVGY7gYXlg.gif

tls, http2

msedge.exe

6.1kB
228.3kB
101
185

HTTP Request

GET https://connect.facebook.net/en_US/all.js

HTTP Request

GET https://connect.facebook.net/en_US/all.js?hash=e5b0715604e340fb48d262321c6a2c4a

HTTP Request

GET https://static.xx.fbcdn.net/rsrc.php/v4/yR/r/teE39sffXW8.png

HTTP Request

GET https://static.xx.fbcdn.net/rsrc.php/v4i7M54/yS/l/en_US/XQ_d_y3IWvS.js

HTTP Request

GET https://static.xx.fbcdn.net/rsrc.php/v4/yx/r/iqVGY7gYXlg.gif
216.58.213.14:443

www.youtube.com

msedge.exe

98 B
52 B
2
1
142.250.187.194:443

https://googleads.g.doubleclick.net/pagead/id

tls, http2

msedge.exe

1.7kB
6.7kB
13
13

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/id
216.58.213.14:443

www.youtube.com

tls, http2

msedge.exe

907 B
8.0kB
7
8
199.232.56.157:443

https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html

tls, http2

msedge.exe

5.2kB
160.5kB
81
129

HTTP Request

GET https://platform.twitter.com/widgets.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fdamncok.blogspot.com

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html

HTTP Response

200
157.240.221.35:443

www.facebook.com

tls

msedge.exe

3.9kB
22.7kB
27
30
216.58.204.86:443

i.ytimg.com

tls, http2

msedge.exe

907 B
6.0kB
7
7
104.244.42.200:443

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588694%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

tls, http2

msedge.exe

2.6kB
5.3kB
12
14

HTTP Request

GET https://syndication.twitter.com/settings?session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

HTTP Response

200

HTTP Request

GET https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588693%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

HTTP Request

GET https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdamncok.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1733381588694%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=5de96c618f4e0e6d609f93fdca37123290e159c9

HTTP Response

200

HTTP Response

200
142.250.187.230:443

https://static.doubleclick.net/instream/ad_status.js

tls, http2

msedge.exe

1.6kB
6.6kB
12
12

HTTP Request

GET https://static.doubleclick.net/instream/ad_status.js
142.250.200.42:443

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

tls, http2

msedge.exe

1.7kB
6.7kB
12
14

HTTP Request

OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.201.97:443

https://ep2.adtrafficquality.google/sodar/sodar2.js

tls, http2

msedge.exe

2.9kB
13.2kB
18
19

HTTP Request

GET https://ep2.adtrafficquality.google/sodar/sodar2.js

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

71.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

71.159.190.20.in-addr.arpa
8.8.8.8:53

layanan.oposisi.net

dns

msedge.exe

65 B
127 B
1
1

DNS Request

layanan.oposisi.net
8.8.8.8:53

www.blogger.com

dns

msedge.exe

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.179.233
8.8.8.8:53

yourjavascript.com

dns

msedge.exe

64 B
96 B
1
1

DNS Request

yourjavascript.com

DNS Response

76.223.54.146

13.248.169.48
8.8.8.8:53

ajax.googleapis.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.179.234
8.8.8.8:53

apis.google.com

dns

msedge.exe

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.178.14
8.8.8.8:53

dinhquanghuy.110mb.com

dns

msedge.exe

68 B
142 B
1
1

DNS Request

dinhquanghuy.110mb.com
142.250.179.233:443

www.blogger.com

https

msedge.exe

15.5kB
253.8kB
91
226
142.250.178.14:443

apis.google.com

https

msedge.exe

9.8kB
261.8kB
86
212
8.8.8.8:53

adsensecamp.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

adsensecamp.com

DNS Response

103.30.145.12
8.8.8.8:53

www.linkwithin.com

dns

msedge.exe

64 B
94 B
1
1

DNS Request

www.linkwithin.com

DNS Response

118.139.179.30
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.187.196
8.8.8.8:53

imemovaz.googlecode.com

dns

msedge.exe

69 B
130 B
1
1

DNS Request

imemovaz.googlecode.com

DNS Response

108.177.15.82
8.8.8.8:53

feedjit.com

dns

msedge.exe

57 B
139 B
1
1

DNS Request

feedjit.com
8.8.8.8:53

andreykusanagi.googlecode.com

dns

msedge.exe

75 B
136 B
1
1

DNS Request

andreykusanagi.googlecode.com

DNS Response

108.177.15.82
8.8.8.8:53

2.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

2.bp.blogspot.com

DNS Response

172.217.16.225
8.8.8.8:53

www.lintas.me

dns

msedge.exe

59 B
91 B
1
1

DNS Request

www.lintas.me

DNS Response

104.21.59.55

172.67.215.31
8.8.8.8:53

s2.sigmirror.com

dns

msedge.exe

62 B
138 B
1
1

DNS Request

s2.sigmirror.com
8.8.8.8:53

mybloggertricks.googlecode.com

dns

msedge.exe

76 B
137 B
1
1

DNS Request

mybloggertricks.googlecode.com

DNS Response

108.177.15.82
8.8.8.8:53

vicahya.googlecode.com

dns

msedge.exe

68 B
129 B
1
1

DNS Request

vicahya.googlecode.com

DNS Response

108.177.15.82
8.8.8.8:53

js-kit.com

dns

msedge.exe

56 B
120 B
1
1

DNS Request

js-kit.com

DNS Response

52.222.169.79

52.222.169.66

52.222.169.52

52.222.169.3
8.8.8.8:53

181.129.81.91.in-addr.arpa

dns

72 B
147 B
1
1

DNS Request

181.129.81.91.in-addr.arpa
8.8.8.8:53

234.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

234.179.250.142.in-addr.arpa
8.8.8.8:53

233.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

233.179.250.142.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

146.54.223.76.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

146.54.223.76.in-addr.arpa
8.8.8.8:53

196.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.187.250.142.in-addr.arpa
8.8.8.8:53

t.ly

dns

msedge.exe

100 B
82 B
2
1

DNS Request

t.ly

DNS Request

t.ly

DNS Response

104.20.6.133

104.20.7.133
8.8.8.8:53

resources.blogblog.com

dns

msedge.exe

68 B
115 B
1
1

DNS Request

resources.blogblog.com

DNS Response

142.250.179.233
8.8.8.8:53

feeds.feedburner.com

dns

msedge.exe

66 B
110 B
1
1

DNS Request

feeds.feedburner.com

DNS Response

216.58.212.206
142.250.179.233:443

resources.blogblog.com

https

msedge.exe

2.6kB
8.4kB
10
12
8.8.8.8:53

lh5.googleusercontent.com

dns

msedge.exe

71 B
116 B
1
1

DNS Request

lh5.googleusercontent.com

DNS Response

142.250.200.33
8.8.8.8:53

4.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

4.bp.blogspot.com

DNS Response

172.217.16.225
8.8.8.8:53

lh3.googleusercontent.com

dns

msedge.exe

71 B
116 B
1
1

DNS Request

lh3.googleusercontent.com

DNS Response

142.250.200.33
8.8.8.8:53

lh4.googleusercontent.com

dns

msedge.exe

71 B
116 B
1
1

DNS Request

lh4.googleusercontent.com

DNS Response

142.250.200.33
8.8.8.8:53

c.gigcount.com

dns

msedge.exe

60 B
121 B
1
1

DNS Request

c.gigcount.com
8.8.8.8:53

www.reverbnation.com

dns

msedge.exe

66 B
98 B
1
1

DNS Request

www.reverbnation.com

DNS Response

54.167.69.150

52.21.227.64
8.8.8.8:53

ib.adnxs.com

dns

msedge.exe

58 B
319 B
1
1

DNS Request

ib.adnxs.com

DNS Response

185.89.210.46

185.89.211.84

185.89.210.90

185.89.210.141

185.89.210.180

185.89.210.244

185.89.210.82

185.89.210.20

185.89.210.153

185.89.210.212

185.89.211.116

185.89.210.122
8.8.8.8:53

icons.iconarchive.com

dns

msedge.exe

67 B
99 B
1
1

DNS Request

icons.iconarchive.com

DNS Response

104.21.235.213

104.21.235.214
8.8.8.8:53

banner.adsensecamp.com

dns

msedge.exe

136 B
182 B
2
2

DNS Request

banner.adsensecamp.com

DNS Response

103.30.145.12

DNS Request

static.doubleclick.net

DNS Response

142.250.187.230
8.8.8.8:53

www.alertpay.com

dns

msedge.exe

62 B
78 B
1
1

DNS Request

www.alertpay.com

DNS Response

52.223.39.56
8.8.8.8:53

82.15.177.108.in-addr.arpa

dns

72 B
105 B
1
1

DNS Request

82.15.177.108.in-addr.arpa
8.8.8.8:53

225.16.217.172.in-addr.arpa

dns

73 B
140 B
1
1

DNS Request

225.16.217.172.in-addr.arpa
8.8.8.8:53

55.59.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

55.59.21.104.in-addr.arpa
8.8.8.8:53

79.169.222.52.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

79.169.222.52.in-addr.arpa
8.8.8.8:53

227.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.187.250.142.in-addr.arpa
8.8.8.8:53

30.179.139.118.in-addr.arpa

dns

73 B
136 B
1
1

DNS Request

30.179.139.118.in-addr.arpa
8.8.8.8:53

206.212.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

206.212.58.216.in-addr.arpa
8.8.8.8:53

12.145.30.103.in-addr.arpa

dns

72 B
115 B
1
1

DNS Request

12.145.30.103.in-addr.arpa
8.8.8.8:53

65.140.162.3.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

65.140.162.3.in-addr.arpa
8.8.8.8:53

33.200.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

33.200.250.142.in-addr.arpa
8.8.8.8:53

crt.rootg2.amazontrust.com

dns

msedge.exe

72 B
136 B
1
1

DNS Request

crt.rootg2.amazontrust.com

DNS Response

3.162.140.15

3.162.140.117

3.162.140.36

3.162.140.85
8.8.8.8:53

213.235.21.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

213.235.21.104.in-addr.arpa
8.8.8.8:53

150.69.167.54.in-addr.arpa

dns

72 B
127 B
1
1

DNS Request

150.69.167.54.in-addr.arpa
8.8.8.8:53

14.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.200.250.142.in-addr.arpa
8.8.8.8:53

56.39.223.52.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

56.39.223.52.in-addr.arpa
8.8.8.8:53

133.6.20.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

133.6.20.104.in-addr.arpa
8.8.8.8:53

15.140.162.3.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

15.140.162.3.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
224.0.0.251:5353

msedge.exe

519 B
8
8.8.8.8:53

241.150.49.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.150.49.20.in-addr.arpa
8.8.8.8:53

googleads.g.doubleclick.net

dns

msedge.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.200.34
8.8.8.8:53

chatroll.com

dns

msedge.exe

58 B
74 B
1
1

DNS Request

chatroll.com

DNS Response

169.47.242.252
8.8.8.8:53

developers.google.com

dns

msedge.exe

67 B
83 B
1
1

DNS Request

developers.google.com

DNS Response

216.58.201.110
8.8.8.8:53

s10.histats.com

dns

msedge.exe

61 B
158 B
1
1

DNS Request

s10.histats.com

DNS Response

46.105.201.240
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

74.125.71.84
8.8.8.8:53

s4.histats.com

dns

msedge.exe

60 B
268 B
1
1

DNS Request

s4.histats.com

DNS Response

149.56.240.130

149.56.240.128

142.4.219.198

149.56.240.132

149.56.240.27

149.56.240.129

158.69.254.144

54.39.128.162

149.56.240.31

149.56.240.127

54.39.156.32

54.39.128.117

149.56.240.131
8.8.8.8:53

googleads.g.doubleclick.net

dns

msedge.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.187.194
8.8.8.8:53

ssl.gstatic.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

ssl.gstatic.com

DNS Response

142.250.200.3
74.125.71.84:443

accounts.google.com

https

msedge.exe

3.2kB
8.9kB
10
12
8.8.8.8:53

lh3.ggpht.com

dns

msedge.exe

59 B
120 B
1
1

DNS Request

lh3.ggpht.com

DNS Response

172.217.16.225
8.8.8.8:53

dw3mgzt87vzb4.cloudfront.net

dns

msedge.exe

74 B
138 B
1
1

DNS Request

dw3mgzt87vzb4.cloudfront.net

DNS Response

3.165.112.107

3.165.112.159

3.165.112.6

3.165.112.155
8.8.8.8:53

252.242.47.169.in-addr.arpa

dns

73 B
123 B
1
1

DNS Request

252.242.47.169.in-addr.arpa
8.8.8.8:53

110.201.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

110.201.58.216.in-addr.arpa
8.8.8.8:53

240.201.105.46.in-addr.arpa

dns

73 B
127 B
1
1

DNS Request

240.201.105.46.in-addr.arpa
8.8.8.8:53

84.71.125.74.in-addr.arpa

dns

71 B
104 B
1
1

DNS Request

84.71.125.74.in-addr.arpa
8.8.8.8:53

130.240.56.149.in-addr.arpa

dns

73 B
113 B
1
1

DNS Request

130.240.56.149.in-addr.arpa
8.8.8.8:53

3.200.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.200.250.142.in-addr.arpa
8.8.8.8:53

www.scri8e.com

dns

msedge.exe

120 B
152 B
2
2

DNS Request

www.scri8e.com

DNS Request

www.scri8e.com

DNS Response

208.87.227.250

DNS Response

208.87.227.250
142.250.200.33:443

lh4.googleusercontent.com

https

msedge.exe

1.7kB
7.4kB
4
8
142.250.200.3:443

ssl.gstatic.com

https

msedge.exe

3.1kB
6.4kB
5
7
142.250.178.14:443

apis.google.com

https

msedge.exe

1.7kB
7.2kB
4
8
8.8.8.8:53

connect.facebook.net

dns

msedge.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.201.15
8.8.8.8:53

d167qii8h0pw75.cloudfront.net

dns

msedge.exe

75 B
139 B
1
1

DNS Request

d167qii8h0pw75.cloudfront.net

DNS Response

3.165.224.212

3.165.224.164

3.165.224.69

3.165.224.46
8.8.8.8:53

74.204.58.216.in-addr.arpa

dns

72 B
171 B
1
1

DNS Request

74.204.58.216.in-addr.arpa
8.8.8.8:53

107.112.165.3.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

107.112.165.3.in-addr.arpa
8.8.8.8:53

195.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.187.250.142.in-addr.arpa
8.8.8.8:53

250.227.87.208.in-addr.arpa

dns

146 B
220 B
2
2

DNS Request

250.227.87.208.in-addr.arpa

DNS Request

250.227.87.208.in-addr.arpa
8.8.8.8:53

15.201.240.157.in-addr.arpa

dns

73 B
117 B
1
1

DNS Request

15.201.240.157.in-addr.arpa
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.201.35
8.8.8.8:53

d33tru5sm6wy0x.cloudfront.net

dns

msedge.exe

75 B
139 B
1
1

DNS Request

d33tru5sm6wy0x.cloudfront.net

DNS Response

18.66.168.46

18.66.168.120

18.66.168.111

18.66.168.225
8.8.8.8:53

212.224.165.3.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

212.224.165.3.in-addr.arpa
8.8.8.8:53

46.168.66.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

46.168.66.18.in-addr.arpa
8.8.8.8:53

35.201.240.157.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

35.201.240.157.in-addr.arpa
8.8.8.8:53

200.163.202.172.in-addr.arpa

dns

150 B
301 B
2
2

DNS Request

200.163.202.172.in-addr.arpa

DNS Request

nexusrules.officeapps.live.com

DNS Response

52.111.229.48
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

platform.twitter.com

dns

msedge.exe

66 B
127 B
1
1

DNS Request

platform.twitter.com

DNS Response

199.232.56.157
8.8.8.8:53

platform.twitter.com

dns

msedge.exe

66 B
127 B
1
1

DNS Request

platform.twitter.com

DNS Response

146.75.72.157
8.8.8.8:53

play.google.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.179.238
8.8.8.8:53

238.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

238.179.250.142.in-addr.arpa
8.8.8.8:53

83.210.23.2.in-addr.arpa

dns

283 B
245 B
4
2

DNS Request

83.210.23.2.in-addr.arpa

DNS Request

83.210.23.2.in-addr.arpa

DNS Request

83.210.23.2.in-addr.arpa

DNS Request

42.200.250.142.in-addr.arpa
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
8.8.8.8:53

s2.sigmirror.com

dns

msedge.exe

62 B
138 B
1
1

DNS Request

s2.sigmirror.com
8.8.8.8:53

3.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

172.217.16.225
8.8.8.8:53

133.130.81.91.in-addr.arpa

dns

72 B
147 B
1
1

DNS Request

133.130.81.91.in-addr.arpa
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

74.125.71.84
74.125.71.84:443

accounts.google.com

https

msedge.exe

3.8kB
3.6kB
9
9
8.8.8.8:53

e.dtscout.com

dns

59 B
91 B
1
1

DNS Request

e.dtscout.com

DNS Response

141.101.120.11

141.101.120.10
8.8.8.8:53

e.dtscout.com

dns

59 B
91 B
1
1

DNS Request

e.dtscout.com

DNS Response

141.101.120.11

141.101.120.10
8.8.8.8:53

48.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

48.229.111.52.in-addr.arpa
142.250.179.233:443

resources.blogblog.com

https

msedge.exe

5.3kB
147.1kB
56
113
142.250.200.33:443

lh4.googleusercontent.com

https

msedge.exe

4.2kB
9.6kB
13
13
8.8.8.8:53

lh5.googleusercontent.com

dns

msedge.exe

71 B
116 B
1
1

DNS Request

lh5.googleusercontent.com

DNS Response

142.250.200.33
8.8.8.8:53

lh6.googleusercontent.com

dns

msedge.exe

71 B
116 B
1
1

DNS Request

lh6.googleusercontent.com

DNS Response

142.250.200.33
8.8.8.8:53

grasakfuckaudio.blogspot.com

dns

msedge.exe

74 B
133 B
1
1

DNS Request

grasakfuckaudio.blogspot.com

DNS Response

172.217.16.225
142.250.200.33:443

lh6.googleusercontent.com

https

msedge.exe

3.0kB
6.2kB
4
5
142.250.200.33:443

lh6.googleusercontent.com

https

msedge.exe

3.3kB
7.4kB
7
7
8.8.8.8:53

damncok.blogspot.com

dns

msedge.exe

66 B
125 B
1
1

DNS Request

damncok.blogspot.com

DNS Response

172.217.16.225
142.250.179.233:443

resources.blogblog.com

https

msedge.exe

13.5kB
308.1kB
91
253
8.8.8.8:53

ajax.googleapis.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

172.217.16.234
172.217.16.234:443

ajax.googleapis.com

https

msedge.exe

4.2kB
37.0kB
18
31
172.217.16.225:443

damncok.blogspot.com

https

msedge.exe

7.2kB
85.8kB
54
85
8.8.8.8:53

coepoe.googlecode.com

dns

msedge.exe

67 B
128 B
1
1

DNS Request

coepoe.googlecode.com

DNS Response

108.177.15.82
142.250.178.14:443

apis.google.com

https

msedge.exe

26.2kB
1.1MB
159
802
8.8.8.8:53

s7.addthis.com

dns

msedge.exe

60 B
135 B
1
1

DNS Request

s7.addthis.com
8.8.8.8:53

blogger.googleusercontent.com

dns

msedge.exe

75 B
120 B
1
1

DNS Request

blogger.googleusercontent.com

DNS Response

142.250.200.33
142.250.200.33:443

blogger.googleusercontent.com

https

msedge.exe

26.0kB
935.5kB
210
748
8.8.8.8:53

nwidget.networkedblogs.com

dns

msedge.exe

72 B
145 B
1
1

DNS Request

nwidget.networkedblogs.com
8.8.8.8:53

fbcdn-sphotos-d-a.akamaihd.net

dns

msedge.exe

76 B
194 B
1
1

DNS Request

fbcdn-sphotos-d-a.akamaihd.net
142.250.200.33:443

blogger.googleusercontent.com

https

msedge.exe

3.1kB
6.2kB
5
5
8.8.8.8:53

connect.facebook.net

dns

msedge.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.201.15
142.250.200.33:443

blogger.googleusercontent.com

https

msedge.exe

3.3kB
7.4kB
7
7
8.8.8.8:53

www.youtube.com

dns

msedge.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

216.58.213.14

216.58.212.206

216.58.204.78

142.250.187.238

172.217.169.78

172.217.169.14

142.250.180.14

142.250.200.46

216.58.201.110

172.217.16.238

172.217.169.46

142.250.179.238

142.250.178.14

142.250.187.206

142.250.200.14
8.8.8.8:53

platform.twitter.com

dns

msedge.exe

66 B
127 B
1
1

DNS Request

platform.twitter.com

DNS Response

199.232.56.157
8.8.8.8:53

234.16.217.172.in-addr.arpa

dns

73 B
142 B
1
1

DNS Request

234.16.217.172.in-addr.arpa
8.8.8.8:53

2.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

2.180.250.142.in-addr.arpa
8.8.8.8:53

194.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.187.250.142.in-addr.arpa
8.8.8.8:53

14.213.58.216.in-addr.arpa

dns

72 B
141 B
1
1

DNS Request

14.213.58.216.in-addr.arpa
8.8.8.8:53

157.56.232.199.in-addr.arpa

dns

73 B
127 B
1
1

DNS Request

157.56.232.199.in-addr.arpa
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.221.35
108.177.15.82:443

coepoe.googlecode.com

https

msedge.exe

2.5kB
10.1kB
11
13
8.8.8.8:53

i.ytimg.com

dns

msedge.exe

57 B
297 B
1
1

DNS Request

i.ytimg.com

DNS Response

216.58.204.86

216.58.212.214

216.58.201.118

142.250.179.246

172.217.169.22

142.250.178.22

142.250.200.54

142.250.187.214

172.217.16.246

142.250.180.22

142.250.200.22

142.250.187.246

216.58.212.246

172.217.169.86

172.217.169.54
8.8.8.8:53

img.youtube.com

dns

msedge.exe

122 B
660 B
2
2

DNS Request

img.youtube.com

DNS Response

142.250.200.46

142.250.180.14

216.58.212.206

172.217.16.238

142.250.187.238

172.217.169.78

142.250.187.206

142.250.178.14

172.217.169.46

216.58.212.238

216.58.204.78

142.250.179.238

142.250.200.14

216.58.201.110

172.217.169.14

DNS Request

img.youtube.com

DNS Response

216.58.204.78

142.250.178.14

142.250.187.238

172.217.16.238

142.250.187.206

172.217.169.78

142.250.179.238

216.58.212.238

216.58.212.206

172.217.169.46

172.217.169.14

142.250.200.46

216.58.201.110

142.250.180.14

142.250.200.14
8.8.8.8:53

35.221.240.157.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

35.221.240.157.in-addr.arpa
8.8.8.8:53

syndication.twitter.com

dns

msedge.exe

138 B
170 B
2
2

DNS Request

syndication.twitter.com

DNS Response

104.244.42.200

DNS Request

syndication.twitter.com

DNS Response

104.244.42.200
142.250.200.33:443

blogger.googleusercontent.com

https

msedge.exe

3.0kB
2.6kB
6
5
142.250.178.14:443

img.youtube.com

https

msedge.exe

1.8kB
2.6kB
6
5
142.250.200.3:443

ssl.gstatic.com

https

msedge.exe

1.8kB
2.6kB
6
5
8.8.8.8:53

static.xx.fbcdn.net

dns

msedge.exe

65 B
104 B
1
1

DNS Request

static.xx.fbcdn.net

DNS Response

157.240.201.15
8.8.8.8:53

86.204.58.216.in-addr.arpa

dns

72 B
171 B
1
1

DNS Request

86.204.58.216.in-addr.arpa
8.8.8.8:53

200.42.244.104.in-addr.arpa

dns

73 B
73 B
1
1

DNS Request

200.42.244.104.in-addr.arpa
142.250.187.194:443

googleads.g.doubleclick.net

https

msedge.exe

3.6kB
7.3kB
8
10
8.8.8.8:53

jnn-pa.googleapis.com

dns

msedge.exe

67 B
291 B
1
1

DNS Request

jnn-pa.googleapis.com

DNS Response

142.250.200.42

172.217.169.74

172.217.169.10

142.250.179.234

216.58.201.106

142.250.178.10

142.250.187.202

172.217.16.234

142.250.187.234

216.58.204.74

216.58.212.202

142.250.180.10

172.217.169.42

142.250.200.10
142.250.200.42:443

jnn-pa.googleapis.com

https

msedge.exe

6.4kB
53.0kB
29
48
8.8.8.8:53

twitter.com

dns

msedge.exe

57 B
121 B
1
1

DNS Request

twitter.com

DNS Response

104.244.42.1

104.244.42.193

104.244.42.65

104.244.42.129
8.8.8.8:53

ep1.adtrafficquality.google

dns

msedge.exe

73 B
89 B
1
1

DNS Request

ep1.adtrafficquality.google

DNS Response

142.250.180.2
8.8.8.8:53

play.google.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.179.238
142.250.179.238:443

play.google.com

https

msedge.exe

5.9kB
8.2kB
14
19
8.8.8.8:53

ep2.adtrafficquality.google

dns

msedge.exe

73 B
89 B
1
1

DNS Request

ep2.adtrafficquality.google

DNS Response

216.58.201.97
8.8.8.8:53

230.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

230.187.250.142.in-addr.arpa
216.58.201.97:443

ep2.adtrafficquality.google

https

msedge.exe

4.1kB
12.4kB
11
14
8.8.8.8:53

97.201.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

97.201.58.216.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6960857d16aadfa79d36df8ebbf0e423

SHA1
e1db43bd478274366621a8c6497e270d46c6ed4f

SHA256
f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

SHA512
6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f426165d1e5f7df1b7a3758c306cd4ae

SHA1
59ef728fbbb5c4197600f61daec48556fec651c1

SHA256
b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

SHA512
8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
20KB

MD5
4b3121a05808b99aa6e0cc12924f77db

SHA1
ee5805bb76c384d1e1667aea2976bd2f4f94c7cc

SHA256
e4fea32bac89d9ad34b13a25b0b4da1321920b2c6be2cabb75ff91bf6109152c

SHA512
9b83d55691b41d2a45a542d163c1b6a47208969720ec1fd15233f29ddcef2243e79895cfcb008767f91b3d1cf3a6288248e8b1ec50027eb96db04cde56cb2605

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
23KB

MD5
1ed76811af8c6ed01b3d356f3bad9a3c

SHA1
8eb6ec720c89345a37f37c519a7e60453ff256d9

SHA256
52775526647d60d401b7d0ac7ad728e621edc59c4b9f6bda497ba5fef48239b4

SHA512
24cb443881a4a4fca319827e28b6aaaa5f0402867c49adeeb2c81dfa469dc448c2397e1e488d23ad2af0ffe0cbb63b8d866efdc2a8ed5dca6b4cbc4f9084499a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
00fc3c9c646e3bf8c82b319b12e9c811

SHA1
c45542dcaf01c91fca35a912f2e38dbe83cd911f

SHA256
3e1baceaa82ad182acbb0a9e89e4e174328b3505e8b11a11f0bccd971a7a890e

SHA512
cdf2ae1874d32f28d4a541e9d22f70308b1bd07668c21bafd6b4fcd6c110c6963e45a65f9dc71d144c0739b2f7af320f1e30fbaf81cbcddbca82e6c1d4c3047c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
1565774618e63b64d7eca5527d39e8e2

SHA1
ea869b4ae23bb966b27c66735d9b59e7f2f0b76f

SHA256
5cd10207d3d77bea0cf6f7d19561bd824969b2049e1cc9b4114b1755195189a8

SHA512
e81a7ab7eba200c85926d9ac3f6afa60ed1e598667c5bc17145b357b95c2c00417d4e816ed66cfbefa0f2cc00ac136cf6c40b44daaba53b38061bb5025b03c2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
456B

MD5
a963dc41ad2f7fb59756872468ad8ae6

SHA1
fbbccb1c2039dbde653e422a5cdc9b394730cb67

SHA256
aefae74f0415c14cdcf43f7a7737019a75db2a4d30893f963e394191e087f3cc

SHA512
6c647818777e4e412dedce7d4bd146d7006e25b590cfaae5f0a72a3d07086051ace196ed21b7268ec1c3cda17213bb76033f96f6ba16ba29e50da0a93f154b26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
d7d160a1f904fbee923b3486a69e4653

SHA1
e22cc66fc1288c38f94643996b1d7d4de8b8bd63

SHA256
aa0dca2d1d14e4b6bca5d7c087ca25b06fc933baf0c33770d92656a2a7e5b4e9

SHA512
1c1593b4eccafdf4676631e76d5d17ca0cdae76852da25cdcd8a01d1b1d2c7921c55176290185eb0cafdf60f8e393bea8e9aebc026f6bae88f323f851854eff0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
c5f12bde71cd9586e1a6467dbc0c4326

SHA1
47ef1f4515bc6993e163ca7017340ef586935020

SHA256
d5ffeca0a91de1b5b6fa3a342bb2ac8ac1dfa9950b51fe64c8dc1a3b7bdca65d

SHA512
ba5b71624492713d134e607d42ef57968a6735b040ad5b9a7de1569dc8089617929bff129cded4fdb49daea16523dd78cea23b7ab14a6b051ec6715d3e2df5d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
153cfffe647eb679ef931e5979a89120

SHA1
12b8a55f5d4824b3008d3189a88f8919fb1e82e0

SHA256
77ba6b879eb317b3ab8de95e8231774445c4f7784573958872a4329b6600e962

SHA512
b0925dff18d0676395bb34a2200c77adde020388e082488965c55e9f17c7e99a4089e15a6a4cdba91147511e90cf351f4ada7a2db6980573712bf90daa017fcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
332b56daf5952a4b788b9ff7ccdd2dae

SHA1
cbf4f122cbe39ac6300b202b6f784581bd4502a6

SHA256
7e276c45da05968bf9cebe29c00541db06b3df1b92bf4b4b7923c10eaf10477d

SHA512
d5add926aedc9f294dccb5b7b026423585fa8e69043b189b62cac31c21d86d1c75ad011e4934493e516100bea9281d3bcfa8cc2fbd701a0e36a2445437126fcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a737568052756a4cce1ad9ea0e2092b8

SHA1
1da48d4225ce7b7f0412be45c3ea0410b942a017

SHA256
144a5ec8c67dfb2543ed4a06992e2d0cf8f2a36f0973ce33a853a1411e73fa1f

SHA512
d5a6195b05473eccc0e5dbec5bbcaf17b571c82dab3556cd9d193bcc1c9b13aeb34e4f4da12740eaedee0a4f90bccd605ef5e79b29eec69d7f86903da1fadf2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
38885cfcc4862277fd3a309dc04dd2cd

SHA1
0ea8142f725a1322a04b5acc36be9fe94cf32074

SHA256
cb2179769e5c3d4a325c3e2c7e77bae3653022baaeb736e5a7c11979c16eb2d1

SHA512
4dbcf59d48a4e72cd8ef5ffebadbe07afcfdbcacb45d526e109f2f08830f0b9c0bf86cdf48190b24effe14c519aba10c8b8e696117c6f5df798210ae983accd6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
b0a262732ca018c11dc0fa72b876e179

SHA1
7fe1a333d9e3f020fbfa0522d3e03804bfbcc00a

SHA256
770abc02645f3c86617ae334d7219afa7b764e376746be5bebee3b426a203c77

SHA512
a81f0f007fd82e47c54a9b245c0af85781cbedc43a7fd6bc365b4bf3c4fe5f72f061037bcf67f00119117d8dfe95e1780c29fdce76b5d44862a0e4a63bc6ea6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
adf13277f794158e8c95d443533b35f3

SHA1
2c78147d15111f631b6d93f9e5898700670d388b

SHA256
cfc8a7955efd6ea85e06e62259ea7431bfd2ba0ee4bd30e9c303d93b00c94537

SHA512
6c1a47d317d60496634e78fb5eb04abd790d2c6d11aaead0fa12e7ce2a8fa776e9b1503bd01d4eb7058a9fcc2683c8e40acf487415d3fde37b16df002d060554

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58486e.TMP

Filesize
203B

MD5
6101e4a6792540ad6a212973114ca2e1

SHA1
79818c1f19ce95d271bf22c57b14c50780d5e8ee

SHA256
c8b4b34742a6c3e98ecfeff644e75215c16a7f14066c6e6af043522b56a6889f

SHA512
31da353827c63e6b4886cbc9c937cccaa73cd359a0eecca352026dd9f7dc53bbc67fa1bdecc02c391b5249d54d96f612a415304eccaa48bc906e100d8dbd582c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
6859acc16ea5c304e90b128de514bdca

SHA1
3b1de565cf4e3a273d80371672d83822b45e09d4

SHA256
e1b97e3d552cf2b5ac88d338e3a609631ae54a39607927c3e72239989e8c9ce7

SHA512
68fa51d789ab0ae4d77cc212a96498e83a668000c7e647f5641e65e7c93d073e929df6e9719ff248ca9babc39b72bfeba29f25307f014190dbefe848a1c42b62

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request