Analysis
-
max time kernel
140s -
max time network
144s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
06-12-2024 03:56
Static task
static1
Behavioral task
behavioral1
Sample
cae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html
Resource
win10v2004-20241007-en
General
-
Target
cae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html
-
Size
122KB
-
MD5
cae8fda29de263f3bbe9dcebe38927eb
-
SHA1
4b616591442d34f2b24c96d86c8e4fe6d76adbba
-
SHA256
150d23fbf15746eea8d7d2777660f28dda1819af73107c5877a17abcdbdc7b8d
-
SHA512
6309e7fa2a62ccdc55c6f0b324dcf5832c3daa5d55b1569ff21131a62ec54b055e123b7eeffdf64168ef992f09f521612d9d9b58c584fd1e508e36ba5eeb8e38
-
SSDEEP
3072:pUyCWDxYxQ2PDxYxC2T/Z1saoEZNpSefhENE/jzCqezq63jO:pUy1DxYxQ2PDxYxC2T/ZnN
Malware Config
Signatures
-
SocGholish
SocGholish is a JavaScript payload that downloads other malware.
-
Socgholish family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language IEXPLORE.EXE -
description ioc Process Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch IEXPLORE.EXE Set value (str) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" IEXPLORE.EXE Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000009654e20b340cfa41873449e4fbf629d4000000000200000000001066000000010000200000005a9fa2599b49693fb8eeb4dd2648d67a70ed5e8f043324766bc608c51ef7a06b000000000e8000000002000020000000443711a835e51ef850f432c4cd5a0120a2902a4a8d526341c3eb6c59f163654320000000d9f1466f1e24faec2c4feae758cb508bf14181b0eeea5ac50a903fff0ea141a4400000005e810ea33b51431db5a91288558c27b92d2dd1297fdc6f3e53d0f66a57344941a6dc311f4d4a3b5e5e3e80fe1e58b18a8d0bcbb7495a6b347401a8563fcd94f8 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "439619251" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a07330eb9247db01 iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0F2C5581-B386-11EF-A160-4A174794FC88} = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "2" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb010000009654e20b340cfa41873449e4fbf629d40000000002000000000010660000000100002000000036218330e4ba3a79d7d27213a2fa3bd72428ad168898f6d612d1f9d6608cb53f000000000e800000000200002000000056f51342cb7075016f96f4a3aced3dab15f5b254393d1d2d61d9da6d0b540ca790000000c28b159360b11866e605622b5e9afe7527020841e3c7230afc480eadd4b1b517df9fd5227a9dea78177263642533fd07b4da332c58203a93cffa650adccf01bd9ecf5eb50891f6c63692dc1a73f55182d7c09cff11c56e12a5c11d97175cbd3e2f37addfca6a38f169fc64dfe6cc6302f988f306f25d1d5a982a15a465b1f25762c086dae93d48fb4cb632ad9769e48440000000449ba85b154b6e3b76873bfaa83c3253372e24cdc1a6d79266edb245533e880b9c12aa438716830d823fe8824a2bc7d9d02ffc153a8356fbdcf22452917dc884 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-3063565911-2056067323-3330884624-1000\Software\Microsoft\Internet Explorer\SearchScopes iexplore.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1628 IEXPLORE.EXE -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2340 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 2340 iexplore.exe 2340 iexplore.exe 1628 IEXPLORE.EXE 1628 IEXPLORE.EXE 1628 IEXPLORE.EXE 1628 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2340 wrote to memory of 1628 2340 iexplore.exe 30 PID 2340 wrote to memory of 1628 2340 iexplore.exe 30 PID 2340 wrote to memory of 1628 2340 iexplore.exe 30 PID 2340 wrote to memory of 1628 2340 iexplore.exe 30
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\cae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2340 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2340 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1628
-
Network
-
Remote address:8.8.8.8:53Requestdrooid-today-script.googlecode.comIN AResponsedrooid-today-script.googlecode.comIN CNAMEgooglecode.l.googleusercontent.comgooglecode.l.googleusercontent.comIN A108.177.96.82
-
Remote address:8.8.8.8:53Requestdomassistant.googlecode.comIN AResponsedomassistant.googlecode.comIN CNAMEgooglecode.l.googleusercontent.comgooglecode.l.googleusercontent.comIN A108.177.96.82
-
Remote address:8.8.8.8:53Requestwww.blogger.comIN AResponsewww.blogger.comIN CNAMEblogger.l.google.comblogger.l.google.comIN A142.250.179.233
-
Remote address:8.8.8.8:53Requestnusacode.googlecode.comIN AResponsenusacode.googlecode.comIN CNAMEgooglecode.l.googleusercontent.comgooglecode.l.googleusercontent.comIN A108.177.96.82
-
Remote address:8.8.8.8:53Requestjavascript-share.googlecode.comIN AResponsejavascript-share.googlecode.comIN CNAMEgooglecode.l.googleusercontent.comgooglecode.l.googleusercontent.comIN A108.177.96.82
-
Remote address:8.8.8.8:53Requestbdv.bidvertiser.comIN AResponsebdv.bidvertiser.comIN A54.241.51.109
-
Remote address:8.8.8.8:53Request3.bp.blogspot.comIN AResponse3.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A172.217.16.225
-
Remote address:8.8.8.8:53Requestlh6.googleusercontent.comIN AResponselh6.googleusercontent.comIN CNAMEgooglehosted.l.googleusercontent.comgooglehosted.l.googleusercontent.comIN A142.250.200.33
-
Remote address:8.8.8.8:53Request2.bp.blogspot.comIN AResponse2.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A172.217.16.225
-
Remote address:8.8.8.8:53Requestwww.linkwithin.comIN AResponsewww.linkwithin.comIN CNAMElinkwithin.comlinkwithin.comIN A118.139.179.30
-
Remote address:8.8.8.8:53Requestwww.google.comIN AResponsewww.google.comIN A142.250.187.196
-
Remote address:8.8.8.8:53Request1.bp.blogspot.comIN AResponse1.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A172.217.16.225
-
Remote address:8.8.8.8:53Requestimages.dmca.comIN AResponseimages.dmca.comIN CNAMEdmca-images.b-cdn.netdmca-images.b-cdn.netIN A143.244.38.136
-
Remote address:8.8.8.8:53Requestxslt.alexa.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requeststats.topofblogs.comIN AResponsestats.topofblogs.comIN A159.69.42.212stats.topofblogs.comIN A159.69.186.9stats.topofblogs.comIN A195.201.124.255stats.topofblogs.comIN A65.21.240.245stats.topofblogs.comIN A95.216.161.60stats.topofblogs.comIN A159.69.83.207stats.topofblogs.comIN A162.55.172.212stats.topofblogs.comIN A23.88.53.29stats.topofblogs.comIN A168.119.245.137
-
Remote address:142.250.179.233:443RequestGET /static/v1/jsbin/3203714426-iframe_colorizer.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 5875
Date: Fri, 06 Dec 2024 03:56:28 GMT
Expires: Sat, 06 Dec 2025 03:56:28 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 15 Oct 2021 18:53:12 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /static/v1/jsbin/4092144848-cmt.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 33623
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 00:48:41 GMT
Expires: Sat, 06 Dec 2025 00:48:41 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 05 Dec 2024 21:52:28 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 11269
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=28ykR6QHK88StyfhK3LfOqcY4sYHCIveCUXeRqCbbHkIEXPLORE.EXERemote address:142.250.179.233:443RequestGET /comment-iframe-bg.g?bgresponse=js_disabled&bgint=28ykR6QHK88StyfhK3LfOqcY4sYHCIveCUXeRqCbbHk HTTP/1.1
Accept: */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1#%7B%22color%22%3A%22rgb(123%2C%20182%2C%205)%22%2C%22backgroundColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22unvisitedLinkColor%22%3A%22rgb(255%2C%20255%2C%20255)%22%2C%22fontFamily%22%3A%22%5C%22ms%20sans%20serif%5C%22%2C%20Arial%22%7D
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 06 Dec 2024 03:56:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
Remote address:142.250.179.233:443RequestGET /generate_204?pQ9lLw HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 204 No Content
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 06 Dec 2024 03:56:31 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /static/v1/v-css/4076883957-lightbox_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6540
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 16:35:37 GMT
Expires: Fri, 05 Dec 2025 16:35:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 11 Feb 2022 02:59:48 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 40861
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.blogger.com/dyn-css/authorization.css?targetBlogID=517622428880379629&zx=30e2b157-b616-4423-a0b7-bf13f17ec825IEXPLORE.EXERemote address:142.250.179.233:443RequestGET /dyn-css/authorization.css?targetBlogID=517622428880379629&zx=30e2b157-b616-4423-a0b7-bf13f17ec825 HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 06 Dec 2024 03:56:29 GMT
Last-Modified: Fri, 06 Dec 2024 03:56:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793IEXPLORE.EXERemote address:142.250.179.233:443RequestGET /comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Moved Temporarily
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 06 Dec 2024 03:56:29 GMT
Expires: Fri, 06 Dec 2024 03:56:29 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1IEXPLORE.EXERemote address:142.250.179.233:443RequestGET /comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 06 Dec 2024 03:56:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
Remote address:108.177.96.82:80RequestGET /svn/branches/2.8.1/DOMAssistantCompressed.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: domassistant.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1605
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
Remote address:142.250.179.233:443RequestGET /static/v1/widgets/1394523530-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6667
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 01 Dec 2024 21:52:48 GMT
Expires: Mon, 01 Dec 2025 21:52:48 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 12 Nov 2021 02:51:58 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 367420
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /img/cmt/close.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 347
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 30 Nov 2024 12:13:15 GMT
Expires: Sat, 07 Dec 2024 12:13:15 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 30 Nov 2024 02:50:53 GMT
Content-Type: image/gif
Age: 488595
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /static/v1/widgets/852648224-widgets.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 56900
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 16:35:02 GMT
Expires: Fri, 05 Dec 2025 16:35:02 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 29 Sep 2021 08:50:32 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 40886
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /static/v1/v-css/2621646369-cmtfp.css HTTP/1.1
Accept: text/css, */*
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 3701
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 01 Dec 2024 04:23:49 GMT
Expires: Mon, 01 Dec 2025 04:23:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Sun, 01 Dec 2024 01:51:16 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 430361
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /static/v1/jsbin/146224643-lbx.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
Cookie: S=blogger=6ZXzZf42mevydnUrEmiDrOnHE9iIS_R_xjFJ1sPFEm8
ResponseHTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 122909
Date: Fri, 06 Dec 2024 03:56:38 GMT
Expires: Sat, 06 Dec 2025 03:56:38 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 29 Sep 2021 04:50:47 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:108.177.96.82:80RequestGET /files/auto_readmore_blogger.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: drooid-today-script.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1591
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
Remote address:108.177.96.82:80RequestGET /files/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: drooid-today-script.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1580
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
Remote address:108.177.96.82:80RequestGET /files/jquery-1.3.1.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: nusacode.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1586
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
Remote address:108.177.96.82:80RequestGET /files/wb_adf_ly_link_converter.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: javascript-share.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1594
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
Remote address:108.177.96.82:80RequestGET /files/wb.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: javascript-share.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1572
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
Remote address:142.250.187.196:80RequestGET /jsapi HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Cross-Origin-Resource-Policy: cross-origin
Location: https://www.gstatic.com/charts/loader.js
Server: sffe
Content-Length: 237
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:33:30 GMT
Expires: Fri, 06 Dec 2024 04:03:30 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1378
-
Remote address:118.139.179.30:80RequestGET /pixel.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.linkwithin.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:118.139.179.30:80RequestGET /widget.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.linkwithin.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:108.177.96.82:80RequestGET /files/slider.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: nusacode.googlecode.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1576
Date: Fri, 06 Dec 2024 03:56:28 GMT
-
GEThttp://3.bp.blogspot.com/-yHjgPSFgnDg/TvbR5Vi-yOI/AAAAAAAABOY/6be0hLfKpOE/s1600/Comment-add-icon+%25281%2529.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-yHjgPSFgnDg/TvbR5Vi-yOI/AAAAAAAABOY/6be0hLfKpOE/s1600/Comment-add-icon+%25281%2529.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v4e6"
Expires: Sat, 07 Dec 2024 03:56:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Comment-add-icon (1).png"
X-Content-Type-Options: nosniff
Date: Fri, 06 Dec 2024 03:56:28 GMT
Server: fife
Content-Length: 3375
X-XSS-Protection: 0
-
GEThttp://3.bp.blogspot.com/-hqoa_YwhA2A/T5Yb2iSK_lI/AAAAAAAABdY/ASy95CIaVa8/s1600/buka-rahasia-sharing-background.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-hqoa_YwhA2A/T5Yb2iSK_lI/AAAAAAAABdY/ASy95CIaVa8/s1600/buka-rahasia-sharing-background.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="buka-rahasia-sharing-background.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2286
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:56:30 GMT
Expires: Sat, 07 Dec 2024 03:56:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5d6"
Content-Type: image/png
Vary: Origin
Age: 0
-
GEThttp://3.bp.blogspot.com/-UIu0rSEBxTo/UHfTSJwENLI/AAAAAAAADJU/n7m4Z6-Z910/s200/RealCalc+Plus.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-UIu0rSEBxTo/UHfTSJwENLI/AAAAAAAADJU/n7m4Z6-Z910/s200/RealCalc+Plus.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vc95"
Expires: Sat, 07 Dec 2024 03:56:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="RealCalc Plus.png"
X-Content-Type-Options: nosniff
Date: Fri, 06 Dec 2024 03:56:28 GMT
Server: fife
Content-Length: 5111
X-XSS-Protection: 0
-
GEThttp://1.bp.blogspot.com/-Yc_O3spIZ64/UYyfvSJqVUI/AAAAAAAADug/LqLpvVk570k/s1600/instagram.jpgIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-Yc_O3spIZ64/UYyfvSJqVUI/AAAAAAAADug/LqLpvVk570k/s1600/instagram.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="instagram.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 42051
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:56:28 GMT
Expires: Sat, 07 Dec 2024 03:56:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vee8"
Content-Type: image/jpeg
Vary: Origin
Age: 0
-
GEThttp://1.bp.blogspot.com/-eHPovv_yOmM/Ty_OtCtU2XI/AAAAAAAABC4/zA_6a9rvUMU/s1600/secondary-menu-bg.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-eHPovv_yOmM/Ty_OtCtU2XI/AAAAAAAABC4/zA_6a9rvUMU/s1600/secondary-menu-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v42e"
Expires: Sat, 07 Dec 2024 03:56:30 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="secondary-menu-bg.png"
X-Content-Type-Options: nosniff
Date: Fri, 06 Dec 2024 03:56:30 GMT
Server: fife
Content-Length: 899
X-XSS-Protection: 0
-
Remote address:54.241.51.109:80RequestGET /BidVertiser.dbm?pid=480181&bid=1192282 HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: bdv.bidvertiser.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Connection: close
Content-Length: 87
-
Remote address:159.69.42.212:80RequestGET /send/175754 HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: stats.topofblogs.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Fri, 06 Dec 2024 03:36:24 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoidG9wb2ZibG9ncy5jb20iLCJtZW1iZXIiOiIxMTMiLCJ0ZW1wbGF0ZSI6InRjcHJ0cCIsInVzZXJBZ2VudCI6Ik1vemlsbGFcLzUuMCAoV2luZG93cyBOVCA2LjE7IFdPVzY0OyBUcmlkZW50XC83LjA7IHJ2OjExLjApIGxpa2UgR2Vja28iLCJzZXNzaW9uIjoiOGE5NzZmN2M5NTYwMGM2ZjJiZjQyZTNhNGQwNGZmMjciLCJ0aW1lX2luaXQiOjE3MzM0NTYxODR9; expires=Fri, 06-Dec-2024 22:59:59 GMT; Max-Age=69815; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
-
GEThttps://lh6.googleusercontent.com/-29ZJR93awaY/UVVy98zVPNI/AAAAAAAADnc/Vi3NUmwQe-M/h46/IMG-20130329-WA0000.jpgIEXPLORE.EXERemote address:142.250.200.33:443RequestGET /-29ZJR93awaY/UVVy98zVPNI/AAAAAAAADnc/Vi3NUmwQe-M/h46/IMG-20130329-WA0000.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: lh6.googleusercontent.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="IMG-20130329-WA0000.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 7282
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:56:29 GMT
Expires: Sat, 07 Dec 2024 03:56:29 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve78"
Content-Type: image/jpeg
Vary: Origin
Age: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttp://images.dmca.com/Badges/dmca_protected_sml_120ae.png?ID=76b62f1d-6f5a-4ec2-9fcb-0627f700bf7dIEXPLORE.EXERemote address:143.244.38.136:80RequestGET /Badges/dmca_protected_sml_120ae.png?ID=76b62f1d-6f5a-4ec2-9fcb-0627f700bf7d HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: images.dmca.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3140
Connection: keep-alive
Server: BunnyCDN-UK1-886
CDN-PullZone: 1574055
CDN-Uid: c136c664-112d-4533-8247-f90f6849ab39
CDN-RequestCountryCode: GB
Cache-Control: public, max-age=31536000
ETag: "94adaa34e0ebca1:0"
Last-Modified: Tue, 04 May 2010 23:19:12 GMT
X-Powered-By: ASP.NET
CDN-ProxyVer: 1.06
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 11/07/2024 19:44:05
CDN-EdgeStorageId: 886
Link: <https://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120ae.png?ID=d54a18bc-f41a-48c2-ae7e-688c70cd317e>; rel="canonical"
CDN-Status: 200
CDN-RequestTime: 0
CDN-RequestId: 6c3fb7be9d0d52bde08b148024b6b797
CDN-Cache: HIT
Accept-Ranges: bytes
-
GEThttp://2.bp.blogspot.com/-JX16FnrEsRQ/UHfTQws8gvI/AAAAAAAADJQ/KBTD8k7AgnE/s400/RealCalc+Plus.jpgIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-JX16FnrEsRQ/UHfTQws8gvI/AAAAAAAADJQ/KBTD8k7AgnE/s400/RealCalc+Plus.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "vc94"
Expires: Sat, 07 Dec 2024 03:56:28 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="RealCalc Plus.jpg"
X-Content-Type-Options: nosniff
Date: Fri, 06 Dec 2024 03:56:28 GMT
Server: fife
Content-Length: 34103
X-XSS-Protection: 0
-
GEThttp://2.bp.blogspot.com/_qTWVg4q5lCo/SNmEj3NDSUI/AAAAAAAABFU/7PJFapTYYAQ/s1600/16-tag-add.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /_qTWVg4q5lCo/SNmEj3NDSUI/AAAAAAAABFU/7PJFapTYYAQ/s1600/16-tag-add.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="16-tag-add.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 322
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:56:30 GMT
Expires: Sat, 07 Dec 2024 03:56:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v455"
Content-Type: image/png
Vary: Origin
Age: 0
-
GEThttp://2.bp.blogspot.com/-lDppcTd-d5w/T5Yb5aJ_anI/AAAAAAAABdg/qw_3bh0X3NA/s1600/bukarahasia-sexysprite.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-lDppcTd-d5w/T5Yb5aJ_anI/AAAAAAAABdg/qw_3bh0X3NA/s1600/bukarahasia-sexysprite.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bukarahasia-sexysprite.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 41320
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:56:30 GMT
Expires: Sat, 07 Dec 2024 03:56:30 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5d8"
Content-Type: image/png
Vary: Origin
Age: 0
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/gsr1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 1739
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:19:53 GMT
Expires: Fri, 06 Dec 2024 04:09:53 GMT
Cache-Control: public, max-age=3000
Age: 2200
Last-Modified: Mon, 07 Oct 2024 07:18:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/gsr1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 1739
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:19:53 GMT
Expires: Fri, 06 Dec 2024 04:09:53 GMT
Cache-Control: public, max-age=3000
Age: 2200
Last-Modified: Mon, 07 Oct 2024 07:18:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r4.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:15:55 GMT
Expires: Fri, 06 Dec 2024 04:05:55 GMT
Cache-Control: public, max-age=3000
Age: 2438
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r4.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:15:55 GMT
Expires: Fri, 06 Dec 2024 04:05:55 GMT
Cache-Control: public, max-age=3000
Age: 2438
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.178.3:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 06 Dec 2024 03:25:02 GMT
Expires: Fri, 06 Dec 2024 04:15:02 GMT
Cache-Control: public, max-age=3000
Age: 1886
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.178.3
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3S HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:51:51 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 277
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOLIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOL HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:50:48 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 342
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3S HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:51:51 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 277
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOLIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOL HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:50:48 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 342
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZaIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZa HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:26:56 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1772
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCdnAM1WJ6jQhB6sJGT2DtiIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCdnAM1WJ6jQhB6sJGT2Dti HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:24:53 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1897
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04IEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:45:16 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 672
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3S HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:51:51 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 277
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3S HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:51:51 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 277
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZaIEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZa HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:26:56 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1772
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04IEXPLORE.EXERemote address:142.250.178.3:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Fri, 06 Dec 2024 03:45:16 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 672
-
Remote address:142.250.200.14:80RequestGET /ga.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google-analytics.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
Date: Fri, 06 Dec 2024 03:44:54 GMT
Expires: Fri, 06 Dec 2024 05:44:54 GMT
Cache-Control: public, max-age=7200
Age: 695
Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Request4.bp.blogspot.comIN AResponse4.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A172.217.16.225
-
GEThttp://4.bp.blogspot.com/-qyDDNXwiQI0/Ty_OPggv3FI/AAAAAAAABCw/Llauzy6-io8/s1600/background-image.pngIEXPLORE.EXERemote address:172.217.16.225:80RequestGET /-qyDDNXwiQI0/Ty_OPggv3FI/AAAAAAAABCw/Llauzy6-io8/s1600/background-image.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v42c"
Expires: Sat, 07 Dec 2024 03:56:30 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="background-image.png"
X-Content-Type-Options: nosniff
Date: Fri, 06 Dec 2024 03:56:30 GMT
Server: fife
Content-Length: 20758
X-XSS-Protection: 0
-
Remote address:8.8.8.8:53Requestwww.facebook.comIN AResponsewww.facebook.comIN CNAMEstar-mini.c10r.facebook.comstar-mini.c10r.facebook.comIN A163.70.147.35
-
GEThttp://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80IEXPLORE.EXERemote address:163.70.147.35:80RequestGET /widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 06 Dec 2024 03:56:29 GMT
Connection: keep-alive
Content-Length: 0
-
GEThttp://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80IEXPLORE.EXERemote address:163.70.147.35:80RequestGET /widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 06 Dec 2024 03:56:29 GMT
Connection: keep-alive
Content-Length: 0
-
GEThttps://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80IEXPLORE.EXERemote address:163.70.147.35:443RequestGET /widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7445142800508506068"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445142800508506068"}]}
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: H1kuikQWCZ0GyBvIEp5Bo0jE3uLqAELfCLptip1f965uTD2gFlhmzh0hGQwDs0LnLZ/kBid6u8Qp/uDlQW4kTw==
Date: Fri, 06 Dec 2024 03:56:30 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=27, rtx=1, c=10, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=23, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
-
Remote address:8.8.8.8:53Requesti1259.photobucket.comIN AResponsei1259.photobucket.comIN A3.165.113.12i1259.photobucket.comIN A3.165.113.35i1259.photobucket.comIN A3.165.113.116i1259.photobucket.comIN A3.165.113.31
-
GEThttps://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80IEXPLORE.EXERemote address:163.70.147.35:443RequestGET /widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7445142800396340754"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7445142800396340754"}]}
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: /i94bdi2hbTBk57I84u7oF/qY8S8YsCNbKbMRD9B/nXCDYXzH90K4mZVEw4bJSzAw0PLhpklCRtJdPqprxBWGw==
Date: Fri, 06 Dec 2024 03:56:30 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=30, rtx=1, c=10, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=21, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
-
GEThttp://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.pngIEXPLORE.EXERemote address:3.165.113.12:80RequestGET /albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i1259.photobucket.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Date: Fri, 06 Dec 2024 03:56:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.png
X-Cache: Redirect from cloudfront
Via: 1.1 54ef1d90c22575b90ebdff8d7e91da10.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: Q4HhXMMd2EmCp7JFNgJO1y2GCucmSOPwaOQNjMmJ84lTfybUPD1P_A==
Vary: Origin
-
GEThttps://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.pngIEXPLORE.EXERemote address:3.165.113.12:443RequestGET /albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: i1259.photobucket.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Length: 44913
Connection: keep-alive
Date: Fri, 06 Dec 2024 03:56:31 GMT
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="headerdrooidtodaycomjadi.png"
Content-Security-Policy: script-src 'none'
Server: photobucket
X-Amzn-Trace-Id: Root=1-675275ef-273cacea7be8061f11b996fc
X-Request-Id: DIQX5PwlmIT6S8KT_NkhI
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 14f700f57de0fa6a4a98a7ddba0a5eda.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG50-P3
X-Amz-Cf-Id: dCQ_VFhghZf_wXUeObkIIp8av2w3rjyocBjcwRR2u2CXSune17mk0Q==
Vary: Origin
-
Remote address:8.8.8.8:53Requesti50.tinypic.comIN AResponse
-
Remote address:8.8.8.8:53Requestssl.gstatic.comIN AResponsessl.gstatic.comIN A142.250.200.3
-
Remote address:142.250.200.3:443RequestGET /android/market_images/web/background_stripes.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ssl.gstatic.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 60
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 05 Dec 2024 20:00:47 GMT
Expires: Fri, 05 Dec 2025 20:00:47 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: image/gif
Age: 28543
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestaccounts.google.comIN AResponseaccounts.google.comIN A173.194.69.84
-
GEThttps://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&go=trueIEXPLORE.EXERemote address:173.194.69.84:443RequestGET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Set-Cookie: __Host-GAPS=1:Rl5hsoBD9EsTDQr-8x_VGtx9O4Tg2A:6-M7pdws7XBfa1_y; Expires=Sun, 06-Dec-2026 03:56:30 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 06 Dec 2024 03:56:30 GMT
Location: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Content-Security-Policy: script-src 'nonce-0x2iI5j1p6AwwlDOwzitWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: unsafe-none
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.187.196:443RequestGET /js/bg/28ykR6QHK88StyfhK3LfOqcY4sYHCIveCUXeRqCbbHk.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 24847
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 04 Dec 2024 20:23:55 GMT
Expires: Thu, 04 Dec 2025 20:23:55 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Nov 2024 13:30:00 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 113555
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestresources.blogblog.comIN AResponseresources.blogblog.comIN CNAMEblogger.l.google.comblogger.l.google.comIN A142.250.179.233
-
Remote address:142.250.179.233:443RequestGET /img/blank.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 43
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 30 Nov 2024 11:39:06 GMT
Expires: Sat, 07 Dec 2024 11:39:06 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 29 Nov 2024 01:51:24 GMT
Content-Type: image/gif
Age: 490644
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.233:443RequestGET /img/anon36.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: resources.blogblog.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 1654
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 30 Nov 2024 11:22:25 GMT
Expires: Sat, 07 Dec 2024 11:22:25 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 30 Nov 2024 05:53:27 GMT
Content-Type: image/png
Age: 491645
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requests10.histats.comIN AResponses10.histats.comIN CNAMEs10.histats.com.cdn.cloudflare.nets10.histats.com.cdn.cloudflare.netIN A104.20.2.69s10.histats.com.cdn.cloudflare.netIN A104.20.3.69
-
Remote address:104.20.2.69:80RequestGET /js15.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s10.histats.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 4405
Connection: keep-alive
Content-Encoding: gzip
ETag: "980881274"
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
Vary: Accept-Encoding
Cache-Control: max-age=28800
CF-Cache-Status: HIT
Age: 31964
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8ed958c20be3ef0b-LHR
-
Remote address:8.8.8.8:53Requests4.histats.comIN AResponses4.histats.comIN A149.56.240.130s4.histats.comIN A54.39.156.32s4.histats.comIN A149.56.240.27s4.histats.comIN A54.39.128.117s4.histats.comIN A149.56.240.132s4.histats.comIN A54.39.128.162s4.histats.comIN A142.4.219.198s4.histats.comIN A149.56.240.129s4.histats.comIN A149.56.240.128s4.histats.comIN A149.56.240.31s4.histats.comIN A149.56.240.127s4.histats.comIN A149.56.240.131s4.histats.comIN A158.69.254.144
-
Remote address:8.8.8.8:53Requestworld.popadscdn.netIN AResponseworld.popadscdn.netIN A190.2.139.23
-
GEThttps://s4.histats.com/stats/1949034.php?1949034&@f16&@g1&@h1&@i1&@j1733457392014&@k0&@l1&@mDownload%20RealCalc%20Plus%20v1.7.3%20%7C%20Drooid%20Today%20%7C%20Your%20Android%20Stuffs&@n0&@o1000&@q0&@r0&@s3018&@ten-US&@u1280&@b1:176569184&@b3:1733457392&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Ccae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html&@wIEXPLORE.EXERemote address:149.56.240.130:443RequestGET /stats/1949034.php?1949034&@f16&@g1&@h1&@i1&@j1733457392014&@k0&@l1&@mDownload%20RealCalc%20Plus%20v1.7.3%20%7C%20Drooid%20Today%20%7C%20Your%20Android%20Stuffs&@n0&@o1000&@q0&@r0&@s3018&@ten-US&@u1280&@b1:176569184&@b3:1733457392&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Ccae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html&@w HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s4.histats.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Content-Length: 403
Connection: close
-
Remote address:190.2.139.23:80RequestGET /pop.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: world.popadscdn.net
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Date: Fri, 06 Dec 2024 03:56:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.34
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
-
Remote address:8.8.8.8:53Requeststatinside.comIN AResponsestatinside.comIN A104.21.57.149statinside.comIN A172.67.146.166
-
Remote address:104.21.57.149:443RequestGET /counter.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: statinside.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Feb 2024 08:02:54 GMT
ETag: W/"65dd972e-2f4f"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1559
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3TdGRMBzpIiV24qF82BNmu2MxeOtIsJHNeZC77ljyBIsyDtEvuI3zdbq2hKxN3vsnb8cy7Z%2FCw4ECqZ6qO%2BaXqLgFGyqdm2L1qrSdtobDLdHOeia4udh8T164V3WY%2B8WA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8ed958c5494aedeb-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=41365&min_rtt=26123&rtt_var=35631&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3141&recv_bytes=575&delivery_rate=131035&cwnd=253&unsent_bytes=0&cid=0f6aaa4128a56b0c&ts=183&x=0"
-
Remote address:104.21.57.149:443RequestPOST /api/add-hit HTTP/1.1
Accept: */*
Content-Type: text/plain
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: statinside.com
Content-Length: 309
Connection: Keep-Alive
Cache-Control: no-cache
ResponseHTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJaoqDJmOSGNTLVrp9%2B4AeiTTOACMBGt9doBlYHxDr4VJOfzjh1a6OXmBIA5wG0Ex8sLS1pD%2FhoJAuTg7jNfRvbhXqvz0%2BF2cS7250aCVzH1t7tX04o4cFInnNJOcP3nyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8ed958c589ccedeb-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=34640&min_rtt=25851&rtt_var=15408&sent=15&recv=12&lost=0&retrans=0&sent_bytes=9532&recv_bytes=1241&delivery_rate=412305&cwnd=257&unsent_bytes=0&cid=0f6aaa4128a56b0c&ts=257&x=0"
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestwww.blogtoplist.comIN AResponse
-
Remote address:8.8.8.8:53Requestr11.o.lencr.orgIN AResponser11.o.lencr.orgIN CNAMEo.lencr.edgesuite.neto.lencr.edgesuite.netIN CNAMEa1887.dscq.akamai.neta1887.dscq.akamai.netIN A2.22.144.142a1887.dscq.akamai.netIN A2.22.144.149
-
Remote address:8.8.8.8:53Requestr11.o.lencr.orgIN AResponser11.o.lencr.orgIN CNAMEo.lencr.edgesuite.neto.lencr.edgesuite.netIN CNAMEa1887.dscq.akamai.neta1887.dscq.akamai.netIN A2.22.144.142a1887.dscq.akamai.netIN A2.22.144.149
-
GEThttp://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3DIEXPLORE.EXERemote address:2.22.144.142:80RequestGET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: r11.o.lencr.org
ResponseHTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CCBF0C8D9F2505D7934E463C3EC95F2867B94C19AA836BEE1CF526C0BECD8701"
Last-Modified: Tue, 03 Dec 2024 20:49:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8186
Expires: Fri, 06 Dec 2024 06:12:59 GMT
Date: Fri, 06 Dec 2024 03:56:33 GMT
Connection: keep-alive
-
GEThttp://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3DIEXPLORE.EXERemote address:2.22.144.142:80RequestGET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: r11.o.lencr.org
ResponseHTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CCBF0C8D9F2505D7934E463C3EC95F2867B94C19AA836BEE1CF526C0BECD8701"
Last-Modified: Tue, 03 Dec 2024 20:49:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8186
Expires: Fri, 06 Dec 2024 06:12:59 GMT
Date: Fri, 06 Dec 2024 03:56:33 GMT
Connection: keep-alive
-
Remote address:104.20.2.69:443RequestGET /counters/cc_3018.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s10.histats.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 7830
Connection: keep-alive
Content-Encoding: gzip
ETag: "-729663383"
Last-Modified: Thu, 16 Apr 2020 10:45:32 GMT
Vary: Accept-Encoding
Cache-Control: max-age=28800
CF-Cache-Status: HIT
Age: 64128
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 8ed958c7bc2bbeb5-LHR
-
Remote address:8.8.8.8:53Requestcrl.microsoft.comIN AResponsecrl.microsoft.comIN CNAMEcrl.www.ms.akadns.netcrl.www.ms.akadns.netIN CNAMEa1363.dscg.akamai.neta1363.dscg.akamai.netIN A88.221.134.83a1363.dscg.akamai.netIN A88.221.134.146
-
Remote address:88.221.134.83:80RequestGET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Thu, 11 Jul 2024 01:45:51 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-MD5: 8M9bF5Tsp81z+cAg2quO8g==
Last-Modified: Thu, 26 Sep 2024 02:21:11 GMT
ETag: 0x8DCDDD1E3AF2C76
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 37b0a847-001e-003a-4dc7-0f4d92000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 06 Dec 2024 03:56:59 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A184.25.193.234
-
Remote address:184.25.193.234:80RequestGET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Sun, 18 Aug 2024 00:23:49 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-MD5: PjrtHAukbJio72s77Ag5mA==
Last-Modified: Thu, 31 Oct 2024 23:26:09 GMT
ETag: 0x8DCFA0366D6C4CA
x-ms-request-id: a13a8c23-801e-001b-7bf0-2b69e9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 06 Dec 2024 03:56:59 GMT
Connection: keep-alive
TLS_version: UNKNOWN
ms-cv: CASMicrosoftCVa2085ad6.0
ms-cv-esi: CASMicrosoftCVa2085ad6.0
X-RTag: RT
-
Remote address:149.56.240.130:443RequestGET /stats/e.php?1949034&@Ab&@R14945&@w HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: s4.histats.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Content-Length: 403
Connection: close
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A184.25.193.234
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A184.25.193.234
-
142.250.179.233:443https://www.blogger.com/static/v1/v-css/4076883957-lightbox_bundle.csstls, httpIEXPLORE.EXE4.6kB 76.6kB 43 67
HTTP Request
GET https://www.blogger.com/static/v1/jsbin/3203714426-iframe_colorizer.jsHTTP Response
200HTTP Request
GET https://www.blogger.com/static/v1/jsbin/4092144848-cmt.jsHTTP Response
200HTTP Request
GET https://www.blogger.com/comment-iframe-bg.g?bgresponse=js_disabled&bgint=28ykR6QHK88StyfhK3LfOqcY4sYHCIveCUXeRqCbbHkHTTP Response
200HTTP Request
GET https://www.blogger.com/generate_204?pQ9lLwHTTP Response
204HTTP Request
GET https://www.blogger.com/static/v1/v-css/4076883957-lightbox_bundle.cssHTTP Response
200 -
142.250.179.233:443https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1tls, httpIEXPLORE.EXE2.1kB 11.1kB 17 21
HTTP Request
GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=517622428880379629&zx=30e2b157-b616-4423-a0b7-bf13f17ec825HTTP Response
200HTTP Request
GET https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793HTTP Response
302HTTP Request
GET https://www.blogger.com/comment-iframe.g?blogID=517622428880379629&postID=2002298523016146793&bpli=1HTTP Response
200 -
108.177.96.82:80http://domassistant.googlecode.com/svn/branches/2.8.1/DOMAssistantCompressed.jshttpIEXPLORE.EXE624 B 2.0kB 7 5
HTTP Request
GET http://domassistant.googlecode.com/svn/branches/2.8.1/DOMAssistantCompressed.jsHTTP Response
404 -
190 B 92 B 4 2
-
1.9kB 14.5kB 17 17
HTTP Request
GET https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.cssHTTP Response
200HTTP Request
GET https://www.blogger.com/img/cmt/close.gifHTTP Response
200 -
5.3kB 200.2kB 85 152
HTTP Request
GET https://www.blogger.com/static/v1/widgets/852648224-widgets.jsHTTP Response
200HTTP Request
GET https://www.blogger.com/static/v1/v-css/2621646369-cmtfp.cssHTTP Response
200HTTP Request
GET https://www.blogger.com/static/v1/jsbin/146224643-lbx.jsHTTP Response
200 -
108.177.96.82:80http://drooid-today-script.googlecode.com/files/auto_readmore_blogger.jshttpIEXPLORE.EXE571 B 1.9kB 6 4
HTTP Request
GET http://drooid-today-script.googlecode.com/files/auto_readmore_blogger.jsHTTP Response
404 -
606 B 1.9kB 7 5
HTTP Request
GET http://drooid-today-script.googlecode.com/files/jquery.min.jsHTTP Response
404 -
555 B 1.9kB 6 4
HTTP Request
GET http://nusacode.googlecode.com/files/jquery-1.3.1.min.jsHTTP Response
404 -
108.177.96.82:80http://javascript-share.googlecode.com/files/wb_adf_ly_link_converter.jshttpIEXPLORE.EXE617 B 2.0kB 7 5
HTTP Request
GET http://javascript-share.googlecode.com/files/wb_adf_ly_link_converter.jsHTTP Response
404 -
595 B 1.9kB 7 5
HTTP Request
GET http://javascript-share.googlecode.com/files/wb.jsHTTP Response
404 -
526 B 793 B 6 4
HTTP Request
GET http://www.google.com/jsapiHTTP Response
301 -
781 B 679 B 11 4
HTTP Request
GET http://www.linkwithin.com/pixel.pngHTTP Response
404 -
190 B 92 B 4 2
-
764 B 679 B 11 4
HTTP Request
GET http://www.linkwithin.com/widget.jsHTTP Response
404 -
545 B 1.9kB 6 4
HTTP Request
GET http://nusacode.googlecode.com/files/slider.jsHTTP Response
404 -
172.217.16.225:80http://3.bp.blogspot.com/-hqoa_YwhA2A/T5Yb2iSK_lI/AAAAAAAABdY/ASy95CIaVa8/s1600/buka-rahasia-sharing-background.pnghttpIEXPLORE.EXE1.2kB 7.0kB 10 10
HTTP Request
GET http://3.bp.blogspot.com/-yHjgPSFgnDg/TvbR5Vi-yOI/AAAAAAAABOY/6be0hLfKpOE/s1600/Comment-add-icon+%25281%2529.pngHTTP Response
200HTTP Request
GET http://3.bp.blogspot.com/-hqoa_YwhA2A/T5Yb2iSK_lI/AAAAAAAABdY/ASy95CIaVa8/s1600/buka-rahasia-sharing-background.pngHTTP Response
200 -
172.217.16.225:80http://3.bp.blogspot.com/-UIu0rSEBxTo/UHfTSJwENLI/AAAAAAAADJU/n7m4Z6-Z910/s200/RealCalc+Plus.pnghttpIEXPLORE.EXE710 B 6.1kB 8 9
HTTP Request
GET http://3.bp.blogspot.com/-UIu0rSEBxTo/UHfTSJwENLI/AAAAAAAADJU/n7m4Z6-Z910/s200/RealCalc+Plus.pngHTTP Response
200 -
190 B 132 B 4 3
-
172.217.16.225:80http://1.bp.blogspot.com/-eHPovv_yOmM/Ty_OtCtU2XI/AAAAAAAABC4/zA_6a9rvUMU/s1600/secondary-menu-bg.pnghttpIEXPLORE.EXE1.7kB 45.4kB 23 37
HTTP Request
GET http://1.bp.blogspot.com/-Yc_O3spIZ64/UYyfvSJqVUI/AAAAAAAADug/LqLpvVk570k/s1600/instagram.jpgHTTP Response
200HTTP Request
GET http://1.bp.blogspot.com/-eHPovv_yOmM/Ty_OtCtU2XI/AAAAAAAABC4/zA_6a9rvUMU/s1600/secondary-menu-bg.pngHTTP Response
200 -
54.241.51.109:80http://bdv.bidvertiser.com/BidVertiser.dbm?pid=480181&bid=1192282httpIEXPLORE.EXE518 B 342 B 5 4
HTTP Request
GET http://bdv.bidvertiser.com/BidVertiser.dbm?pid=480181&bid=1192282HTTP Response
200 -
190 B 92 B 4 2
-
837 B 2.1kB 12 5
HTTP Request
GET http://stats.topofblogs.com/send/175754HTTP Response
200 -
190 B 132 B 4 3
-
190 B 132 B 4 3
-
142.250.200.33:443https://lh6.googleusercontent.com/-29ZJR93awaY/UVVy98zVPNI/AAAAAAAADnc/Vi3NUmwQe-M/h46/IMG-20130329-WA0000.jpgtls, httpIEXPLORE.EXE1.3kB 17.9kB 14 18
HTTP Request
GET https://lh6.googleusercontent.com/-29ZJR93awaY/UVVy98zVPNI/AAAAAAAADnc/Vi3NUmwQe-M/h46/IMG-20130329-WA0000.jpgHTTP Response
200 -
143.244.38.136:80http://images.dmca.com/Badges/dmca_protected_sml_120ae.png?ID=76b62f1d-6f5a-4ec2-9fcb-0627f700bf7dhttpIEXPLORE.EXE660 B 4.2kB 7 7
HTTP Request
GET http://images.dmca.com/Badges/dmca_protected_sml_120ae.png?ID=76b62f1d-6f5a-4ec2-9fcb-0627f700bf7dHTTP Response
200 -
756 B 9.7kB 10 11
-
172.217.16.225:80http://2.bp.blogspot.com/_qTWVg4q5lCo/SNmEj3NDSUI/AAAAAAAABFU/7PJFapTYYAQ/s1600/16-tag-add.pnghttpIEXPLORE.EXE1.7kB 37.4kB 22 32
HTTP Request
GET http://2.bp.blogspot.com/-JX16FnrEsRQ/UHfTQws8gvI/AAAAAAAADJQ/KBTD8k7AgnE/s400/RealCalc+Plus.jpgHTTP Response
200HTTP Request
GET http://2.bp.blogspot.com/_qTWVg4q5lCo/SNmEj3NDSUI/AAAAAAAABFU/7PJFapTYYAQ/s1600/16-tag-add.pngHTTP Response
200 -
172.217.16.225:80http://2.bp.blogspot.com/-lDppcTd-d5w/T5Yb5aJ_anI/AAAAAAAABdg/qw_3bh0X3NA/s1600/bukarahasia-sexysprite.pnghttpIEXPLORE.EXE1.4kB 43.2kB 22 34
HTTP Request
GET http://2.bp.blogspot.com/-lDppcTd-d5w/T5Yb5aJ_anI/AAAAAAAABdg/qw_3bh0X3NA/s1600/bukarahasia-sexysprite.pngHTTP Response
200 -
554 B 4.3kB 7 6
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200HTTP Request
GET http://c.pki.goog/r/gsr1.crlHTTP Response
200 -
554 B 4.3kB 7 6
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200HTTP Request
GET http://c.pki.goog/r/gsr1.crlHTTP Response
200 -
558 B 4.1kB 7 6
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200HTTP Request
GET http://c.pki.goog/r/r4.crlHTTP Response
200 -
558 B 4.1kB 7 6
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200HTTP Request
GET http://c.pki.goog/r/r4.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOLhttpIEXPLORE.EXE834 B 2.3kB 8 5
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOLHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOLhttpIEXPLORE.EXE840 B 3.1kB 8 6
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDJnus44n5nwRLrRYIh8jOLHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCdnAM1WJ6jQhB6sJGT2DtihttpIEXPLORE.EXE886 B 3.1kB 9 6
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZaHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCdnAM1WJ6jQhB6sJGT2DtiHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04httpIEXPLORE.EXE514 B 1.6kB 6 4
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04HTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3ShttpIEXPLORE.EXE516 B 1.6kB 6 4
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3ShttpIEXPLORE.EXE516 B 1.6kB 6 4
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDqY175YJL2xBDRBNzx6%2B3SHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZahttpIEXPLORE.EXE516 B 1.6kB 6 4
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDEGAgOcBEqfBC%2B1yioLDZaHTTP Response
200 -
142.250.178.3:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04httpIEXPLORE.EXE514 B 1.6kB 6 4
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCBLY48YnSQEBKPcOwoCZ04HTTP Response
200 -
858 B 18.7kB 13 17
HTTP Request
GET http://www.google-analytics.com/ga.jsHTTP Response
200 -
190 B 92 B 4 2
-
190 B 92 B 4 2
-
172.217.16.225:80http://4.bp.blogspot.com/-qyDDNXwiQI0/Ty_OPggv3FI/AAAAAAAABCw/Llauzy6-io8/s1600/background-image.pnghttpIEXPLORE.EXE938 B 22.0kB 13 19
HTTP Request
GET http://4.bp.blogspot.com/-qyDDNXwiQI0/Ty_OPggv3FI/AAAAAAAABCw/Llauzy6-io8/s1600/background-image.pngHTTP Response
200 -
163.70.147.35:80http://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80httpIEXPLORE.EXE728 B 950 B 7 6
HTTP Request
GET http://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80HTTP Response
301 -
163.70.147.35:80http://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80httpIEXPLORE.EXE676 B 561 B 6 5
HTTP Request
GET http://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80HTTP Response
301 -
163.70.147.35:443https://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80tls, httpIEXPLORE.EXE1.4kB 6.8kB 14 13
HTTP Request
GET https://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80HTTP Response
200 -
163.70.147.35:443https://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80tls, httpIEXPLORE.EXE1.3kB 6.8kB 13 13
HTTP Request
GET https://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fdrooidtodaycom&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80HTTP Response
200 -
466 B 92 B 10 2
-
3.165.113.12:80http://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.pnghttpIEXPLORE.EXE607 B 1.5kB 6 5
HTTP Request
GET http://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.pngHTTP Response
301 -
3.165.113.12:443https://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.pngtls, httpIEXPLORE.EXE2.0kB 53.9kB 28 46
HTTP Request
GET https://i1259.photobucket.com/albums/ii554/drooidtodayCOM/headerdrooidtodaycomjadi.pngHTTP Response
200 -
700 B 4.5kB 9 8
-
142.250.200.3:443https://ssl.gstatic.com/android/market_images/web/background_stripes.giftls, httpIEXPLORE.EXE1.1kB 6.1kB 10 10
HTTP Request
GET https://ssl.gstatic.com/android/market_images/web/background_stripes.gifHTTP Response
200 -
756 B 4.6kB 10 9
-
173.194.69.84:443https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&go=truetls, httpIEXPLORE.EXE1.3kB 6.1kB 10 11
HTTP Request
GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D517622428880379629%26postID%3D2002298523016146793%26bpli%3D1&go=trueHTTP Response
302 -
142.250.187.196:443https://www.google.com/js/bg/28ykR6QHK88StyfhK3LfOqcY4sYHCIveCUXeRqCbbHk.jstls, httpIEXPLORE.EXE1.5kB 31.5kB 18 27
HTTP Request
GET https://www.google.com/js/bg/28ykR6QHK88StyfhK3LfOqcY4sYHCIveCUXeRqCbbHk.jsHTTP Response
200 -
1.6kB 7.7kB 11 11
HTTP Request
GET https://resources.blogblog.com/img/blank.gifHTTP Response
200HTTP Request
GET https://resources.blogblog.com/img/anon36.pngHTTP Response
200 -
759 B 4.6kB 10 9
-
575 B 5.1kB 7 7
HTTP Request
GET http://s10.histats.com/js15.jsHTTP Response
200 -
466 B 92 B 10 2
-
149.56.240.130:443https://s4.histats.com/stats/1949034.php?1949034&@f16&@g1&@h1&@i1&@j1733457392014&@k0&@l1&@mDownload%20RealCalc%20Plus%20v1.7.3%20%7C%20Drooid%20Today%20%7C%20Your%20Android%20Stuffs&@n0&@o1000&@q0&@r0&@s3018&@ten-US&@u1280&@b1:176569184&@b3:1733457392&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Ccae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html&@wtls, httpIEXPLORE.EXE1.7kB 3.8kB 11 9
HTTP Request
GET https://s4.histats.com/stats/1949034.php?1949034&@f16&@g1&@h1&@i1&@j1733457392014&@k0&@l1&@mDownload%20RealCalc%20Plus%20v1.7.3%20%7C%20Drooid%20Today%20%7C%20Your%20Android%20Stuffs&@n0&@o1000&@q0&@r0&@s3018&@ten-US&@u1280&@b1:176569184&@b3:1733457392&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5Ccae8fda29de263f3bbe9dcebe38927eb_JaffaCakes118.html&@wHTTP Response
200 -
931 B 3.2kB 9 8
-
190 B 132 B 4 3
-
854 B 5.3kB 13 7
HTTP Request
GET http://world.popadscdn.net/pop.jsHTTP Response
200 -
751 B 3.6kB 10 9
-
1.9kB 11.4kB 15 19
HTTP Request
GET https://statinside.com/counter.jsHTTP Response
200HTTP Request
POST https://statinside.com/api/add-hitHTTP Response
200 -
2.22.144.142:80http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3DhttpIEXPLORE.EXE521 B 1.9kB 6 4
HTTP Request
GET http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3DHTTP Response
200 -
2.22.144.142:80http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3DhttpIEXPLORE.EXE521 B 1.9kB 6 4
HTTP Request
GET http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3DHTTP Response
200 -
1.2kB 12.2kB 14 18
HTTP Request
GET https://s10.histats.com/counters/cc_3018.jsHTTP Response
200 -
399 B 1.7kB 4 4
HTTP Request
GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crlHTTP Response
200 -
393 B 1.7kB 4 4
HTTP Request
GET http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crlHTTP Response
200 -
963 B 3.2kB 9 9
-
1.3kB 3.8kB 10 9
HTTP Request
GET https://s4.histats.com/stats/e.php?1949034&@Ab&@R14945&@wHTTP Response
200 -
747 B 7.8kB 9 12
-
747 B 7.8kB 9 12
-
779 B 7.8kB 9 12
-
80 B 141 B 1 1
DNS Request
drooid-today-script.googlecode.com
DNS Response
108.177.96.82
-
73 B 134 B 1 1
DNS Request
domassistant.googlecode.com
DNS Response
108.177.96.82
-
61 B 108 B 1 1
DNS Request
www.blogger.com
DNS Response
142.250.179.233
-
69 B 130 B 1 1
DNS Request
nusacode.googlecode.com
DNS Response
108.177.96.82
-
77 B 138 B 1 1
DNS Request
javascript-share.googlecode.com
DNS Response
108.177.96.82
-
65 B 81 B 1 1
DNS Request
bdv.bidvertiser.com
DNS Response
54.241.51.109
-
63 B 124 B 1 1
DNS Request
3.bp.blogspot.com
DNS Response
172.217.16.225
-
71 B 116 B 1 1
DNS Request
lh6.googleusercontent.com
DNS Response
142.250.200.33
-
63 B 124 B 1 1
DNS Request
2.bp.blogspot.com
DNS Response
172.217.16.225
-
64 B 94 B 1 1
DNS Request
www.linkwithin.com
DNS Response
118.139.179.30
-
60 B 76 B 1 1
DNS Request
www.google.com
DNS Response
142.250.187.196
-
63 B 124 B 1 1
DNS Request
1.bp.blogspot.com
DNS Response
172.217.16.225
-
61 B 112 B 1 1
DNS Request
images.dmca.com
DNS Response
143.244.38.136
-
60 B 142 B 1 1
DNS Request
xslt.alexa.com
-
260 B 260 B 4 4
DNS Request
www.blogtoplist.com
DNS Request
www.blogtoplist.com
DNS Request
www.blogtoplist.com
DNS Request
www.blogtoplist.com
-
66 B 210 B 1 1
DNS Request
stats.topofblogs.com
DNS Response
159.69.42.212159.69.186.9195.201.124.25565.21.240.24595.216.161.60159.69.83.207162.55.172.21223.88.53.29168.119.245.137
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.178.3
-
63 B 124 B 1 1
DNS Request
4.bp.blogspot.com
DNS Response
172.217.16.225
-
62 B 107 B 1 1
DNS Request
www.facebook.com
DNS Response
163.70.147.35
-
67 B 131 B 1 1
DNS Request
i1259.photobucket.com
DNS Response
3.165.113.123.165.113.353.165.113.1163.165.113.31
-
61 B 145 B 1 1
DNS Request
i50.tinypic.com
-
61 B 77 B 1 1
DNS Request
ssl.gstatic.com
DNS Response
142.250.200.3
-
65 B 81 B 1 1
DNS Request
accounts.google.com
DNS Response
173.194.69.84
-
68 B 115 B 1 1
DNS Request
resources.blogblog.com
DNS Response
142.250.179.233
-
61 B 141 B 1 1
DNS Request
s10.histats.com
DNS Response
104.20.2.69104.20.3.69
-
60 B 268 B 1 1
DNS Request
s4.histats.com
DNS Response
149.56.240.13054.39.156.32149.56.240.2754.39.128.117149.56.240.13254.39.128.162142.4.219.198149.56.240.129149.56.240.128149.56.240.31149.56.240.127149.56.240.131158.69.254.144
-
65 B 81 B 1 1
DNS Request
world.popadscdn.net
DNS Response
190.2.139.23
-
60 B 92 B 1 1
DNS Request
statinside.com
DNS Response
104.21.57.149172.67.146.166
-
260 B 260 B 4 4
DNS Request
www.blogtoplist.com
DNS Request
www.blogtoplist.com
DNS Request
www.blogtoplist.com
DNS Request
www.blogtoplist.com
-
61 B 160 B 1 1
DNS Request
r11.o.lencr.org
DNS Response
2.22.144.1422.22.144.149
-
61 B 160 B 1 1
DNS Request
r11.o.lencr.org
DNS Response
2.22.144.1422.22.144.149
-
63 B 162 B 1 1
DNS Request
crl.microsoft.com
DNS Response
88.221.134.8388.221.134.146
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
184.25.193.234
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
184.25.193.234
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
184.25.193.234
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
854B
MD5e935bc5762068caf3e24a2683b1b8a88
SHA182b70eb774c0756837fe8d7acbfeec05ecbf5463
SHA256a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d
SHA512bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize1KB
MD5c3808d1a2f6764d9573442c1ed989701
SHA1a7c83d90ebb75b11ef79705187d0e082291d1e11
SHA256dbb4c5b8541cbd76ba41cc83cbaadc8d344242e5158c9d992e1339a50f0cf550
SHA5120333873086cfc89fa2681a281b5910551572f9cddd1516059ba6986fe067bcd900c68dd7b522932b65bc060adcf165c51730d82d5486f7c30091736820f4a536
-
Filesize
914B
MD5e4a68ac854ac5242460afd72481b2a44
SHA1df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA5125622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
-
Filesize
1KB
MD5a266bb7dcc38a562631361bbf61dd11b
SHA13b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA5120da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
Filesize170B
MD5c250d3f553611f66266b57c692e3c6d4
SHA17dc43b0dd6fb10eadc21a397341c1b634e5df77b
SHA2566a47a94a55befe0d84c5acc85bd9f66fffde87ae5ef8fcc23e972a7f726a81c2
SHA512f8d41cb107e8bd63505e53cd37d3b5eca454b93a4c515f5ca1cd7a6e10890eba80eda22e4152db35f1e97ca8034758c70239058be14f90c6bd89a82fa5c3a2e3
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199
Filesize170B
MD52153ea3e8f02d43c05efc6da7189a0ad
SHA1b3e50983231462432cd9c9e46275707a317faac0
SHA256344990f53e539a342f483000074a57799990d19da5867593dbb9dbec624426aa
SHA512c4e752f248ff4744f4acd08cc527ba039c4ab8d003829b233acf1d8482e9e5241e8712ef4116d91676c2694bdaa089383be0e0872309933a5bcdf3b953c74e48
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize410B
MD546f6e3de3ec2a9a9ea0b38df85379490
SHA13c5fa470eb7d42220f712e830cd7d1370287d9d1
SHA2565adafdbab3f000bfede5650f3f832548dea01f9fda0b8ec8b63833c44b6d5ef8
SHA512748016f621b174a67322ca9ec6fda0b255dc0fce2ce24ac2c8147d544a224439155ea43e6a173ed2e2074cbc6de9c527d257f776aa952be116c93251505b1502
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize410B
MD5a2692545eec72d2b44e3ddae41980274
SHA1314c6833f9b93ba8027af33a7e8f271d9feae079
SHA256950c2c1f1bd69f799001f033fa914e42e0efc37c496ad03ed23046f7334e5fa1
SHA5129eef3deeb2d227dc0cb2220bf5aece60cedf1f4a7f22f17a74e8628471497c30e1592d5069c2ce1ac49985de0c4bf56cf2c293d93930898852dc6a3680874c35
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize252B
MD5f486540dc5dae467835f41deeaa60bdf
SHA1b6c788e37a952bd8cb575c89919eb65ceb0dcd17
SHA25685d5067fac9dadc479c3f758126dc9a44933aa4a75babe6e44e9f03f7a4e0b8b
SHA5124176de37a67983746290cb83d80e0f980ea4ab9827c996d1aeeeb9550a34f1ed52b790b989d769eff6417d18ba5d23343c16eeea97ce71ca8b014bdb94706197
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD54583e20c37046eacaa5036447977a28e
SHA1f2005942b0ce71c3ba62614bcdb9dda25a4dcad6
SHA2567045411b72868746586ed541d362f0848e9bfc1c17bb639903586aedc7a77993
SHA512235b5bccc381381e6c8d05ad2d23f00d2d6fee17d496415f5d1197f2b0109a2fb3e9836956c812957aee9f90fc48b1447d708d7450bada51224fc31c1b23176a
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5e947af0a29a71e8c6615ee43bb04e930
SHA1809dfe05c061f204a9f64b70adaa837a95c5da50
SHA25695a2b41766651fca0e31998f3659841c5f28343b22579a8e99d12dd630131d00
SHA512248056155e98a1c3e8294c4a2783f19f056f4664d1c0cbd2c1c06179c20d4909adea1c95e09a092d57d3b111f6bafafd45ba5e66669ab2a739d0bf4a141b4e50
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d930abcc6d3f2f82a1433630da56dd12
SHA1c5b45082aa5944771a63223b12a9fdd03bc5cc0d
SHA2564967f4780fe4a987d69cc0b3e1728ddbb1fe22959a48596251bd44acbdd5678d
SHA51276b73383e6c606e22786f3f8f1cd9dbdc3b24a5c5918d4536dae0f13f30eea7124c12527f2743ce4f54dfc5307f0b275c9d74373aae1ceea2dbce899b02ff60a
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD51715e95b5339d5180bbd2af13b194fa6
SHA1d2555d76638a44a3f8cb105c3a4410247442f701
SHA25690ee70fa82ca7edeedc91e34a16657df59203988a1d009ae16a2de9c40f6f062
SHA512636b26f1405d3d28e26042262857f01c5bf61d9b263c0a01646a2584cdf6c9894bd452d2e3079ee23eca7865bc6cb435e0b3e5e6107c6d02f370838979f95569
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ebaecae113fc694de71d5fadbf2a8ee0
SHA19e658230ab0cf901893368358d693e632324f8df
SHA256153b00196eb918280128e16d7314414df9ae498fa4d29351ef93cdae19aabb74
SHA512c41e9f8f451c4745e9e24f474509317a9fd241212d632d2455fcc49baef6bdc653d19d1c609da5b10491fb44f437d31d4113206da9948fa4db66b9cf92a930ab
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD51c416d9d6c25edc078a7853a218869e3
SHA10759015a57f87d86a9f150a51a9ed9edf159ab22
SHA25630d5f2b38408268c2090a517957826384fe1b50f3b7fb888223be157ef8bf84c
SHA5126a0c931244ccb5a1f8e5f3f2bbe786eb0886a708527420be3f2cda83310eb5c1114a30c0e949606d71134a495b25711026edafb3aa285909a47f6a2e70924ecc
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD517b3fc020833d4a59240a0ff894476f6
SHA1071555df6d35b9bd1b517ed2b57586c56d6e425e
SHA256a59f00a6228d5932d8b5e2602089ee31019aabe5119b9c703de32323785518d9
SHA512e65df91df579a9e84c09eb21c00449935ab6fb17de0acffa2e5db1ce03409fc63bd2c7c2a94ccd8bf20f107f4b095ead1aa9640fef0992d09179d2e70cdf2746
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5698867f93c0718760d55ef9723cf00c5
SHA1ba1a4e62d62cea0641d674aaddfe1fb96270b8a2
SHA2564d94f2170a92e91f5e527a06a3af01d75103ed3653667f0166a573457d49122f
SHA512195d435ebf96f770c009f9c303667d1bfb0f80cfe32f05cd2446cf08109ecbd21606915d0067b3fbc23f1eb3fb9c00ef104f737a36dac7cba29b4e2f26edf137
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD57952cdb86dfb6ea57ce47b4893e0b617
SHA16eef2ccc098a30801a086bc130996c3acc776dd4
SHA25652e3ec8c6e4b75ab619d4fbbf2696f7cd7be04c5cf93f363f8dccd1440a86044
SHA5123d57571822cc044b3bd1f92264e86c66340ab7df4b4d734d735b7784d762051374e6f4defd28f891a94cd3289944ffa9dc30faf849a5a8d55ba8b44395654b68
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD56b48458342d9101100f853b61c6f8f14
SHA1c13ba627182ceb52c7cd6616e949090650447752
SHA256a37685865ff8d8c85765359bde8374c6ae77ec6891c8b749ebc7acf2166badcd
SHA512ffcee14e052949c3b17c11cd1d061281d8d36af4e385102770e2f253172927d24f29c6d2d692869ea6a248f19b106ab3ee40dfb9c5d2e74a3eef041f15a726cb
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5c6c38dcae6776e3043ab05f4c7645625
SHA12c83730140716e6ef0ae7604d44b071868dd8f99
SHA25691569a5f1f0c9ad8dc2b4727b5792de7dbf5b1bcf06efcaba12c75e6e4494637
SHA51218f41df1b10ddb8dfbb5a021a1eae597f9d9a5e2130016dc27c39bd7f244a8de2483b14023cef50412d5a9e524a8a3e5f3028cae58782a41b06c45ccd1fce2b5
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f9576c884f78ade8900e146b37d61ce8
SHA1bbd513f92b2c0363b882dd39b41f80e8d93c6635
SHA256a13df9d04f1be628bf29815a8fc4aa91cffa6351075a3a8e669e2a5ae9e535c5
SHA512d53d18c12df36364dd3f88eb1cdbd7227abd53d8b2d2ab00ce4d96027fec368e877aad8af2cc0b8d3a51b72b205732a91f9476d23b7216cc674b84c29e581acf
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5303da9a124025037d5239248e2e8df86
SHA1a83cb5313edc4b1fea53a85e1f4e2b5c4924c338
SHA2564b830646ea69c8996f25ed8b72eabceef5ff6fa7e3f9d22733e7e63aeda4f4c4
SHA5127bdb78484cf745e23239078e77d7c5b43c86de3264120baa2a1cb807d90af500f56127bc4500492ea5ab7178d52c63b8934810ed14cc02d7af3c8cda21b41e18
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD55c805d3fe896e1fe5909248fbb48e538
SHA179353d8c196bbfb0326e4069aab5c01860d7e231
SHA2568c27374378513a01826c6dcaec72afedecaad9ca0be32ca56261389bb3c8fb58
SHA5128f221532ca8054f58ac19c7074c507b05bd3c474874b818deec36497ac05c3d6404c968de3a3657088093f6acb496fd336bdd8316bea9547929abaa784b214fd
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ecd27a038275c878423a48ed5a57c332
SHA19f700f38d5a2de4378c0ea842c82d3d7c768ada1
SHA256e2d3a8bd3f7eb3e12fa3cfc69a07e9a63e3290e63d6024d4d4904398430c894b
SHA512bc7ab2e1b68d9504b250a89366eb0bd6f746188aee5ca2dce72408732cd276a4d063c69e9731fb9ca4adbd60de5cc0b8bf6aa41df5d0959ac52c8dd505ccb712
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5efa0c93e5d50cc216a567751ed760760
SHA12c02d270b8892c09154c6d65ce147bf620bd5e03
SHA256a13bd304369181a951d981fdc2028f0680b5a6da40cf37425bba328466f4d4df
SHA512b7f0ef9e73ca76f40e9628cb5bf2f0f7b5c737292c79634348c7197effa3a209ac0b7be127d22a050ff3fe01ecf777b2408980c2c6ad77d6ef4a3ee262b4b360
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5ec9fdfb404bc1b013aa8b8214ea9b4a4
SHA1f3fa86ac9188d377d1f8078ae37225e57b4a2d58
SHA256181b47f7644925f8362e5c54d63dd1e656b1ec70dfe5ba5c003c62c8beabdd69
SHA51239b9f4c6c24f2ccda53a4b31f584f153ed70c28a46ed1a378cd5f7a7e450d0afd23f7281f441a20c6cbfc4617eed49bbf3c76510f4a6c177de38e6f25a077933
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD599dce2e76d7bfaf803c9ecee55af9306
SHA1935be72d3a2777631247def042bad23288791b31
SHA256a1a20f24462cdcf1ae04b8eea6e70b93327123b07ebc105c4a38358f1bb84ea8
SHA512dffd163d2e9d4da37ac664cb1f9c5c18bbcae7785eac8641358e15ee90c5900f98928de4461d1e1fc1f1dba4ff3301cada2c698499b926d934bba610c7a7c20e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5da1862c6fa0d9df4f14c7cb59de6cea1
SHA17242753d6a61ad904f7d0abbffd0e571aa51ebb0
SHA256d1d10435ada87e75690e0b115a15558254a26c157507e7d920e0d137ed38bae5
SHA5122854f17a8e0bd3fb105cc44a8ffe6b3cd709773b5a5309ee6e5cd921be7864db5335df836f88694427c8538995ad70e78b200b33d61dfa18ac5e70080a83c809
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f91b1523a6c2ed59fce93e8b184516bd
SHA190290cd679545151155a6825fb5192c963fc87b4
SHA2566af07e0452c580fedf31e26b7815f7cf6da3e4abb7d3520184e44fab709b9efa
SHA5125ac9eb9b89a2759214b6ac30f2f8ec95dc7ff8cf6a5b9e93479ad5911c2d47fd1506d91fa93260d28845d70d21c0cfa07fb4c60652fed72d5b969e1e1f9606ec
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5f99171c7abdcebaec7e8708f6451cb0d
SHA10f2c5504e1d01728559ded9d18057d92e1e1d6f7
SHA2564c6f9c6785a10a8ee0bf5a4b2e504047d37e01391ba3088ed4b7771779e263ca
SHA512dc835bddaf86a855a765d7fa64265e0d767a2b6e36fa8c2448ddce6d3739b9b3bbf2922dbae48e392d8d667318f1ca87e9b425689772232e55b419efbf048699
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD53a1fcd930b8b46b762bb04c45c0c90e0
SHA121990a30484aaa576a0544a1e322d750c1e985a8
SHA256280a9b819b420706cc25b78f94e52aaee579b1a927fcd891a41a988d711219f4
SHA512c51660e4490a578952be2a7a96c01f9a4c5645d0b89a23248bbfe9ac5ef5cd36bed44a991ad8ca02fad205cc9600897a7892b5ef89e47fc0508a7ca264dc5bd6
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5816f8fc35d3bca92ae6f8a2618ba7388
SHA16a42540e5b88c81cfa8276cd52d8cc5d2bafe869
SHA256d31d928fc86fc346565c6836605c040fc4968f9b10b61621c70386eb51697e76
SHA5124db34e56ef30547f7b6dfbe58ac3c35762b5bf502b7b45dc34e2a93d0f7d52f51d6a72a054a0144f8c0ae64486ea98c3383752395bcaceb94aa683d82d517df0
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B3513D73A177A2707D910183759B389B_C3CF9847C2CA003AA270AE473C534F74
Filesize402B
MD5af2c09c471dbe1e54c971f2e9496f68e
SHA19e5c379a33743fee8f7b22549cd5ef571ec05b45
SHA256ceb9f675ae830d86f262e9f16d40bfa1e35d5159ffc4b6c5b33dbec95a272ace
SHA512604873237ecf6fc95ac967058fbc46889db20a11096fe8df7b17778be8883ac1b1f5e1dfe39a46c661e40a8834ef909c64aba19a39ec2701c3927560e7c9a30c
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
Filesize242B
MD5db3b70f2cd80b4cd174afc8e55b155ef
SHA1461076b61f3199b08d4b131dbb3aa7702c2501ef
SHA25604137bc90aaa684b5212994b4027fdd0232ddb671cc057ea7d9959574d6278ad
SHA512d8dd72f3fe6f5a3707405dc6f1215b10b0dfacc824db9f3038970717938ab4d1b19896d68a310efeae7dbaa96705c66b8d35d30d425d465bc24ae099869d30a9
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b