mydoom | b9ed46e4298d425e2e8938bdc02ae0a826e80a4fcec5532643cd6049726464a7

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
15/12/2024, 07:05 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe
Size

28KB
MD5

f2d829a52467ede663428c66472126f7
SHA1

391f150aa453e38be33d7c9bc74f1d0843441e82
SHA256

b9ed46e4298d425e2e8938bdc02ae0a826e80a4fcec5532643cd6049726464a7
SHA512

1aa3db508b2a60727476c99c35b552f02c37efa283810483fdd1482f46358857fa35e91d89a7d91816b666fd5d0b50cc4c0e6a83a5440ad66b73daa648df61cb
SSDEEP

384:1vxBbK26lj5Id8SpHx9jLhsznnVxA1WmP5w7GGCJlqqwMyNgSmv:Dv8IRRdsxq1DjJcqfzSmv

Score

10^/10

mydoom discovery persistence upx worm

Malware Config

Signatures

Detects MyDoom family 5 IoCs

resource	yara_rule
behavioral2/memory/2496-13-0x0000000000500000-0x0000000000510000-memory.dmp	family_mydoom
behavioral2/memory/2496-56-0x0000000000500000-0x0000000000510000-memory.dmp	family_mydoom
behavioral2/memory/2496-122-0x0000000000500000-0x0000000000510000-memory.dmp	family_mydoom
behavioral2/memory/2496-164-0x0000000000500000-0x0000000000510000-memory.dmp	family_mydoom
behavioral2/memory/2496-168-0x0000000000500000-0x0000000000510000-memory.dmp	family_mydoom

MyDoom
MyDoom is a Worm that is written in C++.
worm mydoom
Mydoom family
mydoom

Executes dropped EXE 1 IoCs

pid	Process
5032	services.exe

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\JavaVM = "C:\\Windows\\java.exe"	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Services = "C:\\Windows\\services.exe"	services.exe

UPX packed file 24 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/2496-0-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/files/0x0008000000023ccc-4.dat	upx
behavioral2/memory/5032-6-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/2496-13-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/memory/5032-15-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-16-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-21-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-26-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-28-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-33-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-38-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-40-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-45-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-50-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/5032-52-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/2496-56-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/memory/5032-57-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/files/0x0003000000000705-62.dat	upx
behavioral2/memory/2496-122-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/memory/5032-123-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/2496-164-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/memory/5032-165-0x0000000000400000-0x0000000000408000-memory.dmp	upx
behavioral2/memory/2496-168-0x0000000000500000-0x0000000000510000-memory.dmp	upx
behavioral2/memory/5032-169-0x0000000000400000-0x0000000000408000-memory.dmp	upx

Drops file in Windows directory 3 IoCs

description	ioc	Process
File created	C:\Windows\services.exe	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe
File opened for modification	C:\Windows\java.exe	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe
File created	C:\Windows\java.exe	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	services.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2496 wrote to memory of 5032	2496	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe	83
PID 2496 wrote to memory of 5032	2496	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe	83
PID 2496 wrote to memory of 5032	2496	f2d829a52467ede663428c66472126f7_JaffaCakes118.exe	83

C:\Users\Admin\AppData\Local\Temp\f2d829a52467ede663428c66472126f7_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\f2d829a52467ede663428c66472126f7_JaffaCakes118.exe"
1⤵
- Adds Run key to start application
- Drops file in Windows directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
PID:2496
- C:\Windows\services.exe
  "C:\Windows\services.exe"
  2⤵
  - Executes dropped EXE
  - Adds Run key to start application
  - System Location Discovery: System Language Discovery
  PID:5032

Network

DNS

97.17.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.17.167.52.in-addr.arpa

IN PTR

Response
DNS

182.129.81.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

182.129.81.91.in-addr.arpa

IN PTR

Response
DNS

22.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.160.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR

Response
DNS

212.20.149.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

212.20.149.52.in-addr.arpa

IN PTR

Response
DNS

241.42.69.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.42.69.40.in-addr.arpa

IN PTR

Response
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

m-ou.se

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

m-ou.se

IN MX

Response

m-ou.se

IN MX

aspmx5 googlemailcom

m-ou.se

IN MX

aspmx3�.

m-ou.se

IN MX

alt1aspmxlgoogle�9

m-ou.se

IN MX

alt2�h

m-ou.se

IN MX

�h

m-ou.se

IN MX

aspmx4�.

m-ou.se

IN MX

aspmx2�.
DNS

aspmx5.googlemail.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

aspmx5.googlemail.com

IN A

Response

aspmx5.googlemail.com

IN A

142.250.157.27
DNS

acm.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

acm.org

IN MX

Response

acm.org

IN MX

mail mailroutenet
DNS

mail.mailroute.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

mail.mailroute.net

IN A

Response

mail.mailroute.net

IN A

199.89.1.120

mail.mailroute.net

IN A

199.89.3.120
DNS

cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

cs.stanford.edu

IN MX

Response

cs.stanford.edu

IN MX

smtp2�

cs.stanford.edu

IN MX

smtp1�

cs.stanford.edu

IN MX

�
DNS

smtp2.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

smtp2.cs.stanford.edu

IN A

Response

smtp2.cs.stanford.edu

IN A

171.64.64.26
DNS

burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

burtleburtle.net

IN MX

Response

burtleburtle.net

IN MX

mx�
DNS

mx.burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

mx.burtleburtle.net

IN A

Response

mx.burtleburtle.net

IN A

65.254.254.52

mx.burtleburtle.net

IN A

65.254.254.50

mx.burtleburtle.net

IN A

65.254.254.51
DNS

alumni.caltech.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

alumni.caltech.edu

IN MX

Response

alumni.caltech.edu

IN MX

alumni-caltech-edumail protectionoutlookcom
DNS

alumni-caltech-edu.mail.protection.outlook.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

alumni-caltech-edu.mail.protection.outlook.com

IN A

Response

alumni-caltech-edu.mail.protection.outlook.com

IN A

52.101.41.21

alumni-caltech-edu.mail.protection.outlook.com

IN A

52.101.42.4

alumni-caltech-edu.mail.protection.outlook.com

IN A

52.101.8.42

alumni-caltech-edu.mail.protection.outlook.com

IN A

52.101.8.36
DNS

gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

gzip.org

IN MX

Response

gzip.org

IN MX

�
DNS

gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

gzip.org

IN A

Response

gzip.org

IN A

85.187.148.2
DNS

www.altavista.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

www.altavista.com

IN A

Response

www.altavista.com

IN CNAME

us.yhs4.search.yahoo.com

us.yhs4.search.yahoo.com

IN CNAME

ds-global3.l7.search.ystg1.b.yahoo.com

ds-global3.l7.search.ystg1.b.yahoo.com

IN A

212.82.100.137
GET

http://www.altavista.com/web/results?q=cs.stanford.edu+contact+mail&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=cs.stanford.edu+contact+mail&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

date: Sun, 15 Dec 2024 07:07:36 GMT
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://search.yahoo.com/?fr=altavista
cache-control: private
content-type: text/html
x-envoy-upstream-service-time: 1
server: ATS
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=m-ou.se+mailto&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=m-ou.se+mailto&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:37 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=contact+mail+acm.org&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=contact+mail+acm.org&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:38 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=alumni.caltech.edu+mailto&kgs=0&kls=0&nbq=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=alumni.caltech.edu+mailto&kgs=0&kls=0&nbq=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:38 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=alumni.caltech.edu+contact+mail&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=alumni.caltech.edu+contact+mail&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:39 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=cs.stanford.edu+contact+e-mail&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=cs.stanford.edu+contact+e-mail&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:40 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=reply+m-ou.se&kgs=0&kls=0&nbq=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=reply+m-ou.se&kgs=0&kls=0&nbq=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:40 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=mail+acm.org&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=mail+acm.org&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:41 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=contact+mail+gzip.org&kgs=0&kls=0

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=contact+mail+gzip.org&kgs=0&kls=0 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:43 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=m-ou.se+mail&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=m-ou.se+mail&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:43 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=contact+e-mail+gzip.org&kgs=0&kls=0&nbq=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=contact+e-mail+gzip.org&kgs=0&kls=0&nbq=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:45 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=acm.org+mailto&kgs=0&kls=0&nbq=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=acm.org+mailto&kgs=0&kls=0&nbq=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:45 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=mailto+cs.stanford.edu&kgs=0&kls=0&nbq=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=mailto+cs.stanford.edu&kgs=0&kls=0&nbq=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:46 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.altavista.com/web/results?q=mail+m-ou.se&kgs=0&kls=0&nbq=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /web/results?q=mail+m-ou.se&kgs=0&kls=0&nbq=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.altavista.com
Connection: Keep-Alive

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:36 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
DNS

www.google.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

172.217.20.164
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjBFJDQP3qMTiSLSvR1XWam7IMJKRaBPimGgScxIiAcYWK60PYE05omCliVJsoHlBr8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIuID6ugYQ8vTyuAMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-7zanj-mhYiMvGFXRgm24Kw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:36 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WulUTrQQ1yKoI-4bp5LtgAkJUYkiC36WSrSUC94KrsDkVbW8YiYU0; expires=Fri, 13-Jun-2025 07:07:36 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=m-ou.se+mail&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=m-ou.se+mail&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmail%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjC8nvyplCsPLovJTghsyEq7u4WrBZfE7TH6yS3LWzdb9asz0WjpAeHfkc10IDR1pX4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIuYD6ugYQl4_rcRIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-QXhet0C0AEjoPF9OBJZvEg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:37 GMT
Server: gws
Content-Length: 481
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VvdcjIPtCaQ2Ac9qPF3-SySeDoGBcVWDnzeYhccs9d3egERcnN6Iw; expires=Fri, 13-Jun-2025 07:07:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjBFJDQP3qMTiSLSvR1XWam7IMJKRaBPimGgScxIiAcYWK60PYE05omCliVJsoHlBr8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjBFJDQP3qMTiSLSvR1XWam7IMJKRaBPimGgScxIiAcYWK60PYE05omCliVJsoHlBr8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
DNS

search.yahoo.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

search.yahoo.com

IN A

Response

search.yahoo.com

IN CNAME

ds-global3.l7.search.ystg1.b.yahoo.com

ds-global3.l7.search.ystg1.b.yahoo.com

IN A

212.82.100.137
GET

https://search.yahoo.com/?fr=altavista

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /?fr=altavista HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:36 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+gzip.org&num=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+gzip.org&num=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLiA-roGIjBh9TZBQqTkJacniGMWMJvwqjDjIv130FuDjPKvMGwuw1O8SIrsGNzoTImsmZUabWoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIuYD6ugYQ4IHuGxIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-H-wWmyAa4HJQGhkcm7sFKw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:37 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XRnZvEMFxhwIgQ5Dq_YRaOvxh9saScRck8wHZHV32YqlgG4LovQg; expires=Fri, 13-Jun-2025 07:07:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCrKt0Lo55Ys1rUmjEzr4EY2qxYt0gfzxFDnvk07F93M0BITDnjgmPoVJjR_Gm0r4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIuYD6ugYQ0fOvowISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-jmYCocTnIaLZpHGDGtYt1A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:37 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Xbc1Ni-E4ZfNAP4F10ISia19891PGBr-RcQRYptkwslwYee1baA2w; expires=Fri, 13-Jun-2025 07:07:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLiA-roGIjBh9TZBQqTkJacniGMWMJvwqjDjIv130FuDjPKvMGwuw1O8SIrsGNzoTImsmZUabWoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLiA-roGIjBh9TZBQqTkJacniGMWMJvwqjDjIv130FuDjPKvMGwuw1O8SIrsGNzoTImsmZUabWoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
DNS

137.100.82.212.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.100.82.212.in-addr.arpa

IN PTR

Response

137.100.82.212.in-addr.arpa

IN PTR

ats1l7searchvipir2yahoocom
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu&hl=en&q=EgS117BTGLmA-roGIjAwnNTtaal--JeGv9y1yhbheXbhThw0Ww7Ntz2gXlu6l3vXIluNNn3owopcVaHTDeEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIuYD6ugYQ-fj99gISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-rwJpZ4OVmQ0D4CnoqnOrXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:37 GMT
Server: gws
Content-Length: 477
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WCrosG-4Eu3cYYhHbqbMOQHC7zerMs4lOMxx7KgknQ-gzgGvPzJ8k; expires=Fri, 13-Jun-2025 07:07:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=contact+mail+burtleburtle.net&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=contact+mail+burtleburtle.net&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcontact%2Bmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCkiMzE3mI8ZYBkZIQLmbKHypUiGT4_aQH8I1ZOhJ7VAA7KMm6qRDzpK3GpQc9PGdEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIuoD6ugYQj-OcUxIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-SxqUSdp4y1cPs9fzP1WBBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: gws
Content-Length: 500
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Wa_tCan8CvG-v6Nb__YN-zzbthQvLZsBUrMtbU-4UeK41ZspzsVg; expires=Fri, 13-Jun-2025 07:07:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjBoDwcTZwSgpiKlUpPCoGaiCxfbBn3S-yrWrz00DdFicDqtRQLMhaQvyf8w_2LH-PgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIuoD6ugYQvcOe7wESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-OC8t5hgGmxQ8q2-BWPvF3Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VNJ2VRYLTMFTP47VOvKCMQqGT-3nr10s5ybJsGqZjen__zRank4g; expires=Fri, 13-Jun-2025 07:07:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCrKt0Lo55Ys1rUmjEzr4EY2qxYt0gfzxFDnvk07F93M0BITDnjgmPoVJjR_Gm0r4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCrKt0Lo55Ys1rUmjEzr4EY2qxYt0gfzxFDnvk07F93M0BITDnjgmPoVJjR_Gm0r4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:38 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=burtleburtle.net+email&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=burtleburtle.net+email&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dburtleburtle.net%2Bemail%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjA5TA_qFB-Rpr7u13AsknxfBitkVuLx9TrfrbGqJzwMYNnA1usoIn3B95hUf6D765gyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIuoD6ugYQnY7lPRIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-wJ5wQMCBPYiBDhO1TxSAAw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Wp2xiO-2FaoI7T16ixTDq_Hi8a1-KLh2AW7T71qRh7gH8Fl3twxZI; expires=Fri, 13-Jun-2025 07:07:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmail%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjC8nvyplCsPLovJTghsyEq7u4WrBZfE7TH6yS3LWzdb9asz0WjpAeHfkc10IDR1pX4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmail%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjC8nvyplCsPLovJTghsyEq7u4WrBZfE7TH6yS3LWzdb9asz0WjpAeHfkc10IDR1pX4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:38 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3282
X-XSS-Protection: 0
DNS

164.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

164.20.217.172.in-addr.arpa

IN PTR

Response

164.20.217.172.in-addr.arpa

IN PTR

par10s49-in-f41e100net

164.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f164�H

164.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f4�H
DNS

search.lycos.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

search.lycos.com

IN A

Response

search.lycos.com

IN CNAME

search-core2.bo3.lycos.com

search-core2.bo3.lycos.com

IN A

209.202.254.10
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto
Content-Length: 305
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email
Content-Length: 311
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=cs.stanford.edu+email&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=cs.stanford.edu+email&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjDzbPgJFPLb7nl_oRUfcIoFyc0lui3Z5lN1Ks4uScU1E9TTz64JX-NUWUu5piY5KLcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIuoD6ugYQvfrr5wISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Rl1bcOH_EsU-O4jvQAH4Nw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Vo9vlYienu8Wizi1vuvsGhggEs4FaMTK7s-kmuDs647hpb1OCQA2M; expires=Fri, 13-Jun-2025 07:07:38 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjBOYzvyb9K32CE-NCIZYbbxDzMi0zolFhjHICwJOP3cl0Dpq_VkiYUyF0i5DUDeWSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIu4D6ugYQz-bAHxIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-pTdrTseMx-06yQLOyaw_kA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VcMqZ8xrIuSIWXYxBSPK1CGyE9RgOU2RM0J9f0T6WUqPy6XclJgWo; expires=Fri, 13-Jun-2025 07:07:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu&hl=en&q=EgS117BTGLmA-roGIjAwnNTtaal--JeGv9y1yhbheXbhThw0Ww7Ntz2gXlu6l3vXIluNNn3owopcVaHTDeEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu&hl=en&q=EgS117BTGLmA-roGIjAwnNTtaal--JeGv9y1yhbheXbhThw0Ww7Ntz2gXlu6l3vXIluNNn3owopcVaHTDeEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3270
X-XSS-Protection: 0
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:38 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjAfR4ihq3mV3qbOYhKI9Ue0LyLYF0ZhFSudYvtagPsYqIIhLzAhtRBRbvOthMaQj4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIu4D6ugYQu9PGJhIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-icq7v46hpJQ7ZJpiV_LhQA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UHvIF87WKgV5gtDcQWCtJodxTxtsk56k8AcrF3Obx33qG4izebeqo; expires=Fri, 13-Jun-2025 07:07:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+acm.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+acm.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBY9eYZ1G39ivOBLsjoxstXKnyAkqWcG2QMz0uaAF1vS4rYwvboB8a8yV6SEJ2fGI8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIu4D6ugYQ05SzsAESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-X9Zrkdpy8Dd9xC2kEkn3Nw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: gws
Content-Length: 481
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UWUZoC1ORti0YG3t1QGma9o3wsS1mvvQNL-eqwJMf5oAYLnWhSbg; expires=Fri, 13-Jun-2025 07:07:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dburtleburtle.net%2Bemail%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjA5TA_qFB-Rpr7u13AsknxfBitkVuLx9TrfrbGqJzwMYNnA1usoIn3B95hUf6D765gyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dburtleburtle.net%2Bemail%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjA5TA_qFB-Rpr7u13AsknxfBitkVuLx9TrfrbGqJzwMYNnA1usoIn3B95hUf6D765gyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:38 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:38 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
DNS

r11.o.lencr.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

r11.o.lencr.org

IN A

Response

r11.o.lencr.org

IN CNAME

o.lencr.edgesuite.net

o.lencr.edgesuite.net

IN CNAME

a1887.dscq.akamai.net

a1887.dscq.akamai.net

IN A

2.18.121.71

a1887.dscq.akamai.net

IN A

2.18.121.69
GET

http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTv%2BHV0Bd%2FqEQJQjG4LfvoXXw%3D%3D

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

2.18.121.71:80

Request

GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTv%2BHV0Bd%2FqEQJQjG4LfvoXXw%3D%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: r11.o.lencr.org

Response

HTTP/1.1 200 OK

Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6C75543347FD634FE5AF91763D16EFDDCF3D5E252811E955ADB3D935CA400694"
Last-Modified: Sun, 15 Dec 2024 01:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6570
Expires: Sun, 15 Dec 2024 08:57:08 GMT
Date: Sun, 15 Dec 2024 07:07:38 GMT
Connection: keep-alive
DNS

10.254.202.209.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.254.202.209.in-addr.arpa

IN PTR

Response

10.254.202.209.in-addr.arpa

IN PTR

search-core2bo3lycoscom
DNS

61.45.26.184.in-addr.arpa

Remote address:

8.8.8.8:53

Request

61.45.26.184.in-addr.arpa

IN PTR

Response

61.45.26.184.in-addr.arpa

IN PTR

a184-26-45-61deploystaticakamaitechnologiescom
DNS

71.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.121.18.2.in-addr.arpa

IN PTR

Response

71.121.18.2.in-addr.arpa

IN PTR

a2-18-121-71deploystaticakamaitechnologiescom
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=cs.stanford.edu+mailto&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=cs.stanford.edu+mailto&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bmailto%26num%3D50&hl=en&q=EgS117BTGLuA-roGIjBzbYHmvjY_cqTfVCjKjr4UXojCaNC-a8Nv1ItpezhVe-JYBbfLvnMuWwwvC8QvJ_EyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIu4D6ugYQ3-6t9AESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-dBow0YM67cjcI8xhgGz5IQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XJsdbBnf8h7-AxRKjITY12CEKCyeuFP2rHlkdkmgsf63CBT1E4fcc; expires=Fri, 13-Jun-2025 07:07:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjBoDwcTZwSgpiKlUpPCoGaiCxfbBn3S-yrWrz00DdFicDqtRQLMhaQvyf8w_2LH-PgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjBoDwcTZwSgpiKlUpPCoGaiCxfbBn3S-yrWrz00DdFicDqtRQLMhaQvyf8w_2LH-PgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:39 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:39 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcontact%2Bmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCkiMzE3mI8ZYBkZIQLmbKHypUiGT4_aQH8I1ZOhJ7VAA7KMm6qRDzpK3GpQc9PGdEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcontact%2Bmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCkiMzE3mI8ZYBkZIQLmbKHypUiGT4_aQH8I1ZOhJ7VAA7KMm6qRDzpK3GpQc9PGdEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3333
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:39 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bburtleburtle.net&hl=en&q=EgS117BTGLuA-roGIjDmDSs9KzQSOMYRRmYF7zQ0p4rRqAdiIvLR4ljMEBZVP--Idi2-DSBmndDLrNhehBYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIu4D6ugYQxouv0wMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-eQKvF_ndw8aX0XhBsmECXA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: gws
Content-Length: 480
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VV-rhA5YtlVzRmICJJiKLBltjyYEC3U0WcF4w4n9FNK7xbTS_KiA; expires=Fri, 13-Jun-2025 07:07:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+burtleburtle.net&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+burtleburtle.net&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjCa2CKmcHit09FrJ-IW61sCu_dypI2JbRDWTGtBzvYK5U8WWCE5LleoE7-0cLP-4FwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvID6ugYQp5DntwESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-VW9aoMwbg2NCNRfgjJS2ZQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:40 GMT
Server: gws
Content-Length: 492
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WX1sObrMKeO-fOLKXYF-O34CcFCJSE2kpb7GSwzf_qK-dAg_Q0aqA; expires=Fri, 13-Jun-2025 07:07:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBeNCn5h28q93pH_hUaqDqmQL7aHEIq-We1bG08B_nlyrRXLU3XvtlLi-UuHz34lH8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvID6ugYQjr6VqwMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-AK1xvF-af5BiCyRBbwcDyQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:40 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XJ9V9utd05JDbvdEBzMi6L9TSDZ_pXVe01MqrpR78XlUxovfspUg; expires=Fri, 13-Jun-2025 07:07:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bmailto%26num%3D50&hl=en&q=EgS117BTGLuA-roGIjBzbYHmvjY_cqTfVCjKjr4UXojCaNC-a8Nv1ItpezhVe-JYBbfLvnMuWwwvC8QvJ_EyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bmailto%26num%3D50&hl=en&q=EgS117BTGLuA-roGIjBzbYHmvjY_cqTfVCjKjr4UXojCaNC-a8Nv1ItpezhVe-JYBbfLvnMuWwwvC8QvJ_EyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:40 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

https://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:39 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBP-rXHP04O1naSvihMC00wzi_6t8Cmv5hay_uANY66JwCXJ5kAbeJoWVIUluKKtWUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIu4D6ugYQ19ukwAMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-FICcGuqAK17CPQCJCoN2GQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:39 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Xcm2KU_tB6iIaYG5JP4zQoKXXoGTHLt9GVd-v0uTpi6nYXQ3b-APY; expires=Fri, 13-Jun-2025 07:07:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjDzbPgJFPLb7nl_oRUfcIoFyc0lui3Z5lN1Ks4uScU1E9TTz64JX-NUWUu5piY5KLcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjDzbPgJFPLb7nl_oRUfcIoFyc0lui3Z5lN1Ks4uScU1E9TTz64JX-NUWUu5piY5KLcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:39 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:40 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+m-ou.se&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+m-ou.se&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBghn7CqVmGvKpkDum3UHrYYYLiLKh8tr1IPPZo0L8JyaSX3cJui9q-eiTuFgsOw9wyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvID6ugYQtZvHkwESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-8LuielX-ATlUIfbv-Y3lHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:40 GMT
Server: gws
Content-Length: 481
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Wsl3tPj6xCG6MLjcggiPlm-BJMmP3v16EmvEo8mEALyOtcEDVIzy0; expires=Fri, 13-Jun-2025 07:07:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjBOYzvyb9K32CE-NCIZYbbxDzMi0zolFhjHICwJOP3cl0Dpq_VkiYUyF0i5DUDeWSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjBOYzvyb9K32CE-NCIZYbbxDzMi0zolFhjHICwJOP3cl0Dpq_VkiYUyF0i5DUDeWSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:40 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:40 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:40 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjAfR4ihq3mV3qbOYhKI9Ue0LyLYF0ZhFSudYvtagPsYqIIhLzAhtRBRbvOthMaQj4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjAfR4ihq3mV3qbOYhKI9Ue0LyLYF0ZhFSudYvtagPsYqIIhLzAhtRBRbvOthMaQj4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:40 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+gzip.org&num=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+gzip.org&num=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLyA-roGIjBDBUUhjbOpzVFzm5WbZiHaOhOQU6BZ95GS0KHsJwo7kLJwQgWUolOFU6UNIzHfbgEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvID6ugYQ8YjWpQMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce--USGMAfgV7-fINT8RbznNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:40 GMT
Server: gws
Content-Length: 483
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-X0BaYijn2EjezqdqEy_eTvCCBSyfVImrBUqwxigqh6bxM5skUFhw0; expires=Fri, 13-Jun-2025 07:07:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBY9eYZ1G39ivOBLsjoxstXKnyAkqWcG2QMz0uaAF1vS4rYwvboB8a8yV6SEJ2fGI8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBY9eYZ1G39ivOBLsjoxstXKnyAkqWcG2QMz0uaAF1vS4rYwvboB8a8yV6SEJ2fGI8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:40 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3282
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:40 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:40 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=acm.org+mailto&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=acm.org+mailto&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dacm.org%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjD8aQ472LgBRFB2hXeiwtzVgEQynXFbRaZpIW4AsUe5giN4wzjxcMrz66OPimqRHyMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvYD6ugYQo7n94gESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-2KlKhy6hxJH-86OQI6MGhg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: gws
Content-Length: 483
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VLfn3bxV744TMyk9yNIfPXN2icxzCYsHBv0anr7NEYkmUr-DedPXE; expires=Fri, 13-Jun-2025 07:07:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bburtleburtle.net&hl=en&q=EgS117BTGLuA-roGIjDmDSs9KzQSOMYRRmYF7zQ0p4rRqAdiIvLR4ljMEBZVP--Idi2-DSBmndDLrNhehBYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bburtleburtle.net&hl=en&q=EgS117BTGLuA-roGIjDmDSs9KzQSOMYRRmYF7zQ0p4rRqAdiIvLR4ljMEBZVP--Idi2-DSBmndDLrNhehBYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3279
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=alumni.caltech.edu+mailto&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=alumni.caltech.edu+mailto&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjAH7B8MqmNejkzotH9euxCgwnB48AeN96G1kzaWzRSNpfORTjw5oaLrufoH7rFUC0QyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIvYD6ugYQ_NqfcxIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-ZYGtivtKV7OiRTC5VelxYw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: gws
Content-Length: 494
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WWqrF2FfblSABmlFGF861oTPOhNPiiZoyOKjgIYGYlJnS6rDyIhkU; expires=Fri, 13-Jun-2025 07:07:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBP-rXHP04O1naSvihMC00wzi_6t8Cmv5hay_uANY66JwCXJ5kAbeJoWVIUluKKtWUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBP-rXHP04O1naSvihMC00wzi_6t8Cmv5hay_uANY66JwCXJ5kAbeJoWVIUluKKtWUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab= HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:41 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab= HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:41 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto
Content-Length: 312
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:42 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu
Content-Length: 312
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:42 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net
Content-Length: 311
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:41 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:41 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=gzip.org+mail&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=gzip.org+mail&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dgzip.org%2Bmail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjB295bEKatgq1DGj1cP2uEU1Q2sawUlLvQRj8Hv7TneSPkxIud2Jcg1XWd4DbXq4xUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvYD6ugYQhpjerQISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-DtlWqe9JyhClyo-w6l3F7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-X7hs0WKwYiqZXTae5kxHJO_S4zft9VeVNEJxGHzqr_N0hXMx9-Eg; expires=Fri, 13-Jun-2025 07:07:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBghn7CqVmGvKpkDum3UHrYYYLiLKh8tr1IPPZo0L8JyaSX3cJui9q-eiTuFgsOw9wyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBghn7CqVmGvKpkDum3UHrYYYLiLKh8tr1IPPZo0L8JyaSX3cJui9q-eiTuFgsOw9wyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3282
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=alumni.caltech.edu+email&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=alumni.caltech.edu+email&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjDyMWCYFmT8p8sBEALORTMMWijncKXdrZejpc8l4iRPrvNEbS4aEzY3QPPFyxG3_hsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvYD6ugYQrM7zjgMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-2yB98f9Ia6vgnRcOJq8bJw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:41 GMT
Server: gws
Content-Length: 493
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-W8bISFPy1ZjNeJ85AvefPv6-K04PXBTvtDlCN2X-TXkTEFLx_4Gk0; expires=Fri, 13-Jun-2025 07:07:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjAjjOuOBZmnZyO26mug7fyc6sMdQ7nOS7ENMjLLf3jb9N1ZVLLGMYe9-DTl9ZqRdwYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvoD6ugYQopyxhQESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-O4oWC15QOKi8jjcXdT1PVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:42 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VTyXsBDJXrp8KNoiutK9iiK5G4Afg8KiIYwNQBVxCihA7tc9iW4w; expires=Fri, 13-Jun-2025 07:07:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLyA-roGIjBDBUUhjbOpzVFzm5WbZiHaOhOQU6BZ95GS0KHsJwo7kLJwQgWUolOFU6UNIzHfbgEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLyA-roGIjBDBUUhjbOpzVFzm5WbZiHaOhOQU6BZ95GS0KHsJwo7kLJwQgWUolOFU6UNIzHfbgEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3288
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjCa2CKmcHit09FrJ-IW61sCu_dypI2JbRDWTGtBzvYK5U8WWCE5LleoE7-0cLP-4FwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjCa2CKmcHit09FrJ-IW61sCu_dypI2JbRDWTGtBzvYK5U8WWCE5LleoE7-0cLP-4FwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3315
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+acm.org&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+acm.org&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjD_XmK1XGwCEUAgHraBQx84n7qplAVka5rH6ROS5XoKpKSecuhYEyyAY2ujk4ZmeH4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIvoD6ugYQj_H8VxIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-tCb1hwzpv3aDC3vQv6aVqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:42 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XSkrGArADgdwkY5dRkV6oSQQthW3D4mPJHE-RwKsroa3CpiTFdew; expires=Fri, 13-Jun-2025 07:07:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+alumni.caltech.edu&num=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+alumni.caltech.edu&num=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu%26num%3D20&hl=en&q=EgS117BTGL6A-roGIjALThB-lZqYKeCothVnzvTal4jML5-1yEMaamPF-zrX88lgHG3W54HEx9pw5stc_yUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvoD6ugYQ8K2I0gESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-RN-iD94BmPsJboOTje8HnQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:42 GMT
Server: gws
Content-Length: 493
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Xg8p1mZxpcu7RC6ZqiWZ4VR6xGJs6Ji3aTrm3zjfWg94WunUzwnzs; expires=Fri, 13-Jun-2025 07:07:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL6A-roGIjCF8ojv47IybawaMyBkZh4b-laLkryIuQ8ufaLJf0bbuipyOSSfTRZ9V2XOD7NdGtMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIvoD6ugYQmcfLxwMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-JeaFEI4WNAKe5pdZe1zLVg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:42 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WqTw6aocd_IrPOWHfKGwiQceo0omH9Fy75DNbj5lqGQU24R0bPhFA; expires=Fri, 13-Jun-2025 07:07:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dacm.org%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjD8aQ472LgBRFB2hXeiwtzVgEQynXFbRaZpIW4AsUe5giN4wzjxcMrz66OPimqRHyMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dacm.org%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjD8aQ472LgBRFB2hXeiwtzVgEQynXFbRaZpIW4AsUe5giN4wzjxcMrz66OPimqRHyMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:43 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3288
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:42 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBeNCn5h28q93pH_hUaqDqmQL7aHEIq-We1bG08B_nlyrRXLU3XvtlLi-UuHz34lH8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBeNCn5h28q93pH_hUaqDqmQL7aHEIq-We1bG08B_nlyrRXLU3XvtlLi-UuHz34lH8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

https://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:42 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjAH7B8MqmNejkzotH9euxCgwnB48AeN96G1kzaWzRSNpfORTjw5oaLrufoH7rFUC0QyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjAH7B8MqmNejkzotH9euxCgwnB48AeN96G1kzaWzRSNpfORTjw5oaLrufoH7rFUC0QyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3321
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGL6A-roGIjATyBNMmc9Yd20iioEpyGJcuJqcmJgTBq7zvWl0jqjCTsqFFGbEg0sqfNkArnyVnRoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIv4D6ugYQ9rufERIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-oA3-AnDVcQkwvhCOSAnB0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: gws
Content-Length: 488
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VF0UFaW1wNHsahErE6LvS9wBTA0lOq9xXjD-Iqo1Wka3kotb1NNqo; expires=Fri, 13-Jun-2025 07:07:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+acm.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=email+acm.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBFJoS1Kz3zkg-Cwjis_4TlqbJusSQneLmB04vmK8UtTXachijyOh_PDf8rtvlsFUIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIv4D6ugYQ2_XTuwESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-S9yvUM6FK-uBPDl9TcETEA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Wp-T4_DPLtedEQGGhFjenT8CAce5Kntl9K-vL88xHeU_JZsDenHlc; expires=Fri, 13-Jun-2025 07:07:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dgzip.org%2Bmail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjB295bEKatgq1DGj1cP2uEU1Q2sawUlLvQRj8Hv7TneSPkxIud2Jcg1XWd4DbXq4xUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dgzip.org%2Bmail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjB295bEKatgq1DGj1cP2uEU1Q2sawUlLvQRj8Hv7TneSPkxIud2Jcg1XWd4DbXq4xUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:43 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+burtleburtle.net&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=email+burtleburtle.net&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjAjoHCW0hacw3LGv6jI8a-PE54_rYwRblvYT59iasb-asjRgJ_NYtBzZV3V6OdOy-AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIv4D6ugYQodOEvwESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-AW2Ehcvf8000jRYYZVuK-Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VAaY49kQAV8hxODz_rRMQ34myt3bKHvHbV9cwiVsrw_eMocwD00A; expires=Fri, 13-Jun-2025 07:07:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=email+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjDmjgi0AT_iFwe-64kZ5YqGHhmUs2gvovEiTIlvVzNubDZUoBqsJbvtP-MLAVzt5s0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIv4D6ugYQiPGnowMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-aFeU8rh9moDWw5zSeaqzRA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UVaL6IinGcURHo0R0XinryKUd5aotb2RsbX2SX_Wr-UINrgEbZpQ; expires=Fri, 13-Jun-2025 07:07:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwID6ugYQ_-TPvgESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-b8U0T5iBiDVWLgLwQTB-tw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-U1q1QasxIEhN5whosrhfpce6oMhWsMhvNb_HjW2aMg4ucw0igPN6k; expires=Fri, 13-Jun-2025 07:07:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjD_XmK1XGwCEUAgHraBQx84n7qplAVka5rH6ROS5XoKpKSecuhYEyyAY2ujk4ZmeH4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjD_XmK1XGwCEUAgHraBQx84n7qplAVka5rH6ROS5XoKpKSecuhYEyyAY2ujk4ZmeH4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:44 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab= HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:43 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=
Content-Length: 25
Content-Type: text/html
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply
Content-Length: 314
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

https://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab= HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:43 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
X-Powered-By: PHP/7.2.22
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjDyMWCYFmT8p8sBEALORTMMWijncKXdrZejpc8l4iRPrvNEbS4aEzY3QPPFyxG3_hsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjDyMWCYFmT8p8sBEALORTMMWijncKXdrZejpc8l4iRPrvNEbS4aEzY3QPPFyxG3_hsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:43 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3318
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIv4D6ugYQ-f7K0AMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-HN4DSdJbbSFpTr4_mGPrTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:43 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-X49CgzHyCAr9gfr0AHFjC290YytLrzq1aMPBpqZn2-KE9osMcjqA; expires=Fri, 13-Jun-2025 07:07:43 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjAZ3CX-CkaZCW9v58geeYJWuPM9cP33onauQnoEielFukFdOKwnxvngxeGkPCEvCsoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwID6ugYQm8_92wESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Bxx2Fyu0qy7chhi8NKINEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UQ5VZfTieH9Z7LUyPQ3rYnXLJQXiiMitj191G7i-lqaXbz2waA1AI; expires=Fri, 13-Jun-2025 07:07:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGMCA-roGIjBOSwKdfjGy0TkM2aLa0kHrBy_372np3VuaaTe59h6q6lylmtMevIzbis0YoHvp_OoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwID6ugYQuqfRtwMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-d0PLYsatBwQZFHVg50Fwbg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: gws
Content-Length: 488
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-V8g51unFbuiV7H-DRepZ2tCRRChAidceY_XBuGISBlsoHHKUAfbnY; expires=Fri, 13-Jun-2025 07:07:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+gzip.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=email+gzip.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDPT4dINA3hbZ8RbfXlXHbaLrDLi65bveP9emqTYhU4idB5UZLX-_xn661C9dsgbO4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwYD6ugYQqcbNzQESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-uxh6pfxApB2q-rLvr5kz0Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: gws
Content-Length: 483
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UuQJ6NC8K4HpmZlXg8_yPTVh34oYYX3U2zbwQ66BiFJVGOalp8IQ; expires=Fri, 13-Jun-2025 07:07:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjBRh-Wxdh39oslHLbEROq4wuC0w2doNP_pSfWqsSXYpQTZ3LA_0XXvShaC8YBxVeogyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwYD6ugYQ062J7QISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-0_FHfzGlPmjyT9MiXtbzhg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: gws
Content-Length: 489
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VCHBtbvqsO_PxDNaA2IKaM7Y22ukQadilljErILlx2UkImLBi1eg; expires=Fri, 13-Jun-2025 07:07:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBFJoS1Kz3zkg-Cwjis_4TlqbJusSQneLmB04vmK8UtTXachijyOh_PDf8rtvlsFUIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBFJoS1Kz3zkg-Cwjis_4TlqbJusSQneLmB04vmK8UtTXachijyOh_PDf8rtvlsFUIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:45 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email
Content-Length: 303
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net
Content-Length: 312
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=acm.org+email
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto
Content-Length: 0
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=acm.org+email

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=acm.org+email HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:44 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjAjjOuOBZmnZyO26mug7fyc6sMdQ7nOS7ENMjLLf3jb9N1ZVLLGMYe9-DTl9ZqRdwYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjAjjOuOBZmnZyO26mug7fyc6sMdQ7nOS7ENMjLLf3jb9N1ZVLLGMYe9-DTl9ZqRdwYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:44 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu%26num%3D20&hl=en&q=EgS117BTGL6A-roGIjALThB-lZqYKeCothVnzvTal4jML5-1yEMaamPF-zrX88lgHG3W54HEx9pw5stc_yUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu%26num%3D20&hl=en&q=EgS117BTGL6A-roGIjALThB-lZqYKeCothVnzvTal4jML5-1yEMaamPF-zrX88lgHG3W54HEx9pw5stc_yUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:44 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3318
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDqoqhJp6BZSUst7kvW3hBaCU57wMnfRl-6U0VIllswzIoihywADIXRcSnTUmM8JUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIwYD6ugYQlN_9PxIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-1BrNKHedJtNNUQV3dlZZDQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VucaqOGpZdQh0nylmFKmddTEZdLj379kbnOQTODs5r6etzJZQ3aTY; expires=Fri, 13-Jun-2025 07:07:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL6A-roGIjCF8ojv47IybawaMyBkZh4b-laLkryIuQ8ufaLJf0bbuipyOSSfTRZ9V2XOD7NdGtMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL6A-roGIjCF8ojv47IybawaMyBkZh4b-laLkryIuQ8ufaLJf0bbuipyOSSfTRZ9V2XOD7NdGtMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:45 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGL6A-roGIjATyBNMmc9Yd20iioEpyGJcuJqcmJgTBq7zvWl0jqjCTsqFFGbEg0sqfNkArnyVnRoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGL6A-roGIjATyBNMmc9Yd20iioEpyGJcuJqcmJgTBq7zvWl0jqjCTsqFFGbEg0sqfNkArnyVnRoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:45 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3303
X-XSS-Protection: 0
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org
Content-Length: 305
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+alumni.caltech.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+alumni.caltech.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu&hl=en&q=EgS117BTGMGA-roGIjA0TlmptxjDvirgBrqNuQdmNMxNjDtOE1Bkqq1CKnRsUixEzzDmUHUu7J0Saoo5-8AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwYD6ugYQgt-5sQISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-gSl5UQque7fjLwJjjPogUQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XvBVtLU9iNG7_n_tXgGJmyjObqouSqk67VyfKiRo1d4lazDx-36Q; expires=Fri, 13-Jun-2025 07:07:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+burtleburtle.net&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+burtleburtle.net&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDmsp_mCZNJ8YWisZ6f4y0ZFRzNRXoJLliof0HW2eq10qn_hjdMEXdQCpNhj2eTDTMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwYD6ugYQuImzwwMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-n-fMzwc8Hcb7hrmXc2weFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: gws
Content-Length: 490
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-W7ZT2htOqXPR-hWyP4ffW4oh8Tt-SFBYat2ctJVtPrRPTN2zzhnIU; expires=Fri, 13-Jun-2025 07:07:45 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+burtleburtle.net&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+burtleburtle.net&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D50&hl=en&q=EgS117BTGMGA-roGIjAMUBV6upA_dT44SpMhkEH_dj2Uf-Qlm2F7cY0Xo-tqrhqzXopYnfxIOSdvkGjj8WsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwoD6ugYQ1eeHxQESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-n4IYKCXzUbnySsgBhbXy2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: gws
Content-Length: 489
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WHoWc_AAzjNKmv92HeBXoB5TdMO_TCB22XqrPrM9NSX_frLRHOE3M; expires=Fri, 13-Jun-2025 07:07:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjDmjgi0AT_iFwe-64kZ5YqGHhmUs2gvovEiTIlvVzNubDZUoBqsJbvtP-MLAVzt5s0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjDmjgi0AT_iFwe-64kZ5YqGHhmUs2gvovEiTIlvVzNubDZUoBqsJbvtP-MLAVzt5s0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:46 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:80

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
Location: https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu
Content-Length: 312
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.lycos.com

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:45 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:45 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:45 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:45 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:45 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjAjoHCW0hacw3LGv6jI8a-PE54_rYwRblvYT59iasb-asjRgJ_NYtBzZV3V6OdOy-AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjAjoHCW0hacw3LGv6jI8a-PE54_rYwRblvYT59iasb-asjRgJ_NYtBzZV3V6OdOy-AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:45 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

http://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:45 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=m-ou.se+mailto&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=m-ou.se+mailto&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmailto%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDXjEXirC92-_lW-dRcOsE6Eh8vKAyhE64Bi9ca5PohFZ6gf99yc1QYkpkZUo1r1jUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwoD6ugYQgrSIpAESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-T4SV2X-7xWFjSYtN2mH2-Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: gws
Content-Length: 483
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UQkFyAH_PccVPRYEoW-YP1R-DAyVMAqYqJy5idzEngLA6K2_FVkg; expires=Fri, 13-Jun-2025 07:07:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu&hl=en&q=EgS117BTGMKA-roGIjBywx4LDU5CFe40FSlaLFrkLb3dKDFiZWBueC7yVYN5bPuiALwC9zcWaJ-eqhjEoKsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwoD6ugYQlrDApQISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-FbLbwn2R6Fd8MaBMl4KjCw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: gws
Content-Length: 479
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-X1E2tFr-8ERg_9eJU0Ec8uFhIxzV-RfMk-8EZyKDYMHeHvruh0gw; expires=Fri, 13-Jun-2025 07:07:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:46 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

https://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 INKApi Error

Date: Sun, 15 Dec 2024 07:07:46 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 0
GET

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Location: https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

209.202.254.10:443

Request

GET /default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.lycos.com
Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found

Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: Apache
X-Powered-By: PHP/7.2.14
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
GET

http://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:80

Request

GET /search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: search.yahoo.com
Connection: Keep-Alive

Response

HTTP/1.1 301 Moved Permanently

Date: Sun, 15 Dec 2024 07:07:46 GMT
Connection: close
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
Location: https://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100
Content-Length: 25
Content-Type: text/html
GET

https://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

212.82.100.137:443

Request

GET /search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Connection: Keep-Alive
Host: search.yahoo.com

Response

HTTP/1.1 500 Internal Server Error

Content-Type: text/plain; charset=utf-8;
Secure_search_bypass: true
Date: Sun, 15 Dec 2024 07:07:46 GMT
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Server: ATS
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
Referrer-Policy: no-referrer-when-downgrade
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:46 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+m-ou.se&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+m-ou.se&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGMKA-roGIjDxFzzMtseFPPUegXBIw-omN1myStf6mwgpLd4y-Tfpe8ogMIYguZBg8nbt2GkiVm0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwoD6ugYQtsOMxQMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-KnUgfhBLZRRlUztqa1uzQw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: gws
Content-Length: 481
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-V-JcTNI7PJPxxxdnYRf8zlAFFS-NwUp0Cv_SXQ6VGAiNaVI23x-g; expires=Fri, 13-Jun-2025 07:07:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjAZ3CX-CkaZCW9v58geeYJWuPM9cP33onauQnoEielFukFdOKwnxvngxeGkPCEvCsoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjAZ3CX-CkaZCW9v58geeYJWuPM9cP33onauQnoEielFukFdOKwnxvngxeGkPCEvCsoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:47 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGMKA-roGIjDuXPbLQLVgtCVatIbJvNSqjbMUyt_ekrKjuqm1WvLFCzi_I_dWW9SCkblmNu4umJwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIwoD6ugYQtprqygMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-i48hr8Rgn8kiSXYAW0F9bw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:46 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UXejNy5JuNYKq0Mp3qAInWQ8Tg06b_VtyDY1Avq-9miH1l8W5mmw; expires=Fri, 13-Jun-2025 07:07:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=20

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=20 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGMOA-roGIjDYCaOtj8SiPii78DlMySwD5q9bjDbhUG5jzorrewdg9DYAin7ecewLEpxxGUSMdhYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIw4D6ugYQx8yttAESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-NHTZPSP3fr4cykK0cvjOUg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:47 GMT
Server: gws
Content-Length: 481
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XgdloS1UCCfS7anyjSmaYf5rbuwR6uDlrDXD25q0wlZrC775MBUA; expires=Fri, 13-Jun-2025 07:07:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+alumni.caltech.edu&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+alumni.caltech.edu&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Balumni.caltech.edu%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjBy4IXgucIn3X97HFJ8aK353gxXVUnvYtdgm0NQbSzWD6kmpDNx_ASn3ZIwo_fKbW8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIw4D6ugYQleH2wAISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-Q5HEZOn3PlKbwINvXvlRsA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:47 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XcaSoQ_ilXoradAfHgUS_uYf-h0TtptvJtzUPW-l_xlH-Qq5y7Hg; expires=Fri, 13-Jun-2025 07:07:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGMCA-roGIjBOSwKdfjGy0TkM2aLa0kHrBy_372np3VuaaTe59h6q6lylmtMevIzbis0YoHvp_OoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGMCA-roGIjBOSwKdfjGy0TkM2aLa0kHrBy_372np3VuaaTe59h6q6lylmtMevIzbis0YoHvp_OoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:47 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3303
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+acm.org&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+acm.org&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjCWDlseeBavv3SQX1wPkhPjCrmDkpAnQNSd82la-7Z5pwq9vmbfRuDYSrhZo2l1zDIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIw4D6ugYQoI6S5wESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-c27CglNXHT58tAn1eiqLXQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:47 GMT
Server: gws
Content-Length: 482
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XtJcQbn3np-NzQHs9BYDlvBJSPUbUhZSs-M7Aca0qZWoRslwdbCik; expires=Fri, 13-Jun-2025 07:07:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+alumni.caltech.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+alumni.caltech.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Balumni.caltech.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjAzQylwL7jlyyOmZ77YU5j4kQD2WISArkj4dhVNh9oHrzUeAJDLSsbRpkUjJFjm7UUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIw4D6ugYQ3czN1gMSBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-L9G2VVW329ttFzVNLFRb5Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:47 GMT
Server: gws
Content-Length: 494
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-VUV7JdCDQ4zM9ZQvqXPALtS7MQJpFZnykv2IAqsxRq_xXi8L840JM; expires=Fri, 13-Jun-2025 07:07:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDqoqhJp6BZSUst7kvW3hBaCU57wMnfRl-6U0VIllswzIoihywADIXRcSnTUmM8JUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDqoqhJp6BZSUst7kvW3hBaCU57wMnfRl-6U0VIllswzIoihywADIXRcSnTUmM8JUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+cs.stanford.edu&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+cs.stanford.edu&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjBgpX6d2LPzfSACZg0erKRRr7EcIP0nWhsbuzpU0Mh6pe_8IU_N6AkoNhT5lUzDybsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIxID6ugYQ9f3lBhIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-dXdWkXokKvLDH0LiZBLJkw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:48 GMT
Server: gws
Content-Length: 491
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-UFRRHlxbK05BOvTLfdao5gLV2Fp9T39l2Y9ccJAwuuehHVPOsUZg; expires=Fri, 13-Jun-2025 07:07:48 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDPT4dINA3hbZ8RbfXlXHbaLrDLi65bveP9emqTYhU4idB5UZLX-_xn661C9dsgbO4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDPT4dINA3hbZ8RbfXlXHbaLrDLi65bveP9emqTYhU4idB5UZLX-_xn661C9dsgbO4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3288
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+gzip.org&num=50

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+gzip.org&num=50 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bgzip.org%26num%3D50&hl=en&q=EgS117BTGMSA-roGIjAtl-31iGBcZ2hfzdsWwd6cTLZkXsAXE_VO7eSqEi6Sl9etuGMkGPTPym8s4oGjVJoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIxID6ugYQx4ChrwESBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-FbX-2sXJTZog2iMIaoM9Xg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:48 GMT
Server: gws
Content-Length: 483
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-WFZt63Sc8tn1OaiFjqpbVQ7R-eyzp7OHCL8MGj2hadmy93nU5w12k; expires=Fri, 13-Jun-2025 07:07:48 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmailto%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDXjEXirC92-_lW-dRcOsE6Eh8vKAyhE64Bi9ca5PohFZ6gf99yc1QYkpkZUo1r1jUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmailto%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDXjEXirC92-_lW-dRcOsE6Eh8vKAyhE64Bi9ca5PohFZ6gf99yc1QYkpkZUo1r1jUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3288
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu&hl=en&q=EgS117BTGMGA-roGIjA0TlmptxjDvirgBrqNuQdmNMxNjDtOE1Bkqq1CKnRsUixEzzDmUHUu7J0Saoo5-8AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu&hl=en&q=EgS117BTGMGA-roGIjA0TlmptxjDvirgBrqNuQdmNMxNjDtOE1Bkqq1CKnRsUixEzzDmUHUu7J0Saoo5-8AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjBRh-Wxdh39oslHLbEROq4wuC0w2doNP_pSfWqsSXYpQTZ3LA_0XXvShaC8YBxVeogyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjBRh-Wxdh39oslHLbEROq4wuC0w2doNP_pSfWqsSXYpQTZ3LA_0XXvShaC8YBxVeogyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3306
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDmsp_mCZNJ8YWisZ6f4y0ZFRzNRXoJLliof0HW2eq10qn_hjdMEXdQCpNhj2eTDTMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDmsp_mCZNJ8YWisZ6f4y0ZFRzNRXoJLliof0HW2eq10qn_hjdMEXdQCpNhj2eTDTMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3309
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+gzip.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=email+gzip.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAetxnddCSwTn8xBkD_qaxIUjE6ROIP9Htkj18WEIfCCZc68yLODq5gx4znWcNbuokyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgwIxID6ugYQi4eVtgISBLXXsFM
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-AChL0ZqiUVbOtvoKyaOXtA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:48 GMT
Server: gws
Content-Length: 483
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-XCV7PzdYxc73O5yDSfX9sElkdD4lvQ2B5KA4_2iRkpR714CVAMOuM; expires=Fri, 13-Jun-2025 07:07:48 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu&hl=en&q=EgS117BTGMKA-roGIjBywx4LDU5CFe40FSlaLFrkLb3dKDFiZWBueC7yVYN5bPuiALwC9zcWaJ-eqhjEoKsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu&hl=en&q=EgS117BTGMKA-roGIjBywx4LDU5CFe40FSlaLFrkLb3dKDFiZWBueC7yVYN5bPuiALwC9zcWaJ-eqhjEoKsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3276
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D50&hl=en&q=EgS117BTGMGA-roGIjAMUBV6upA_dT44SpMhkEH_dj2Uf-Qlm2F7cY0Xo-tqrhqzXopYnfxIOSdvkGjj8WsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D50&hl=en&q=EgS117BTGMGA-roGIjAMUBV6upA_dT44SpMhkEH_dj2Uf-Qlm2F7cY0Xo-tqrhqzXopYnfxIOSdvkGjj8WsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3306
X-XSS-Protection: 0
GET

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+gzip.org&num=100

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+gzip.org&num=100 HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 302 Found

Location: http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAqgFFrXUWWCfueIambQtpLCMcsPvAs7nuhohIBms7qU2KkWt-dPHNginyDKXrhgUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
x-hallmonitor-challenge: CgsIxYD6ugYQuZShEBIEtdewUw
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-ukkwaKwlAPAg-FbAxtIAog' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/xsrp
Date: Sun, 15 Dec 2024 07:07:49 GMT
Server: gws
Content-Length: 484
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=AZ6Zc-Xxx1o38lYzCce1o523MfGw7Nma--58iVNR-qZgNnGTHlGyxJO4zg; expires=Fri, 13-Jun-2025 07:07:49 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Balumni.caltech.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjAzQylwL7jlyyOmZ77YU5j4kQD2WISArkj4dhVNh9oHrzUeAJDLSsbRpkUjJFjm7UUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Balumni.caltech.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjAzQylwL7jlyyOmZ77YU5j4kQD2WISArkj4dhVNh9oHrzUeAJDLSsbRpkUjJFjm7UUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3321
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGMKA-roGIjDxFzzMtseFPPUegXBIw-omN1myStf6mwgpLd4y-Tfpe8ogMIYguZBg8nbt2GkiVm0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGMKA-roGIjDxFzzMtseFPPUegXBIw-omN1myStf6mwgpLd4y-Tfpe8ogMIYguZBg8nbt2GkiVm0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3282
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGMKA-roGIjDuXPbLQLVgtCVatIbJvNSqjbMUyt_ekrKjuqm1WvLFCzi_I_dWW9SCkblmNu4umJwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGMKA-roGIjDuXPbLQLVgtCVatIbJvNSqjbMUyt_ekrKjuqm1WvLFCzi_I_dWW9SCkblmNu4umJwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGMOA-roGIjDYCaOtj8SiPii78DlMySwD5q9bjDbhUG5jzorrewdg9DYAin7ecewLEpxxGUSMdhYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGMOA-roGIjDYCaOtj8SiPii78DlMySwD5q9bjDbhUG5jzorrewdg9DYAin7ecewLEpxxGUSMdhYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3282
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjCWDlseeBavv3SQX1wPkhPjCrmDkpAnQNSd82la-7Z5pwq9vmbfRuDYSrhZo2l1zDIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjCWDlseeBavv3SQX1wPkhPjCrmDkpAnQNSd82la-7Z5pwq9vmbfRuDYSrhZo2l1zDIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3285
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Balumni.caltech.edu%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjBy4IXgucIn3X97HFJ8aK353gxXVUnvYtdgm0NQbSzWD6kmpDNx_ASn3ZIwo_fKbW8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Balumni.caltech.edu%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjBy4IXgucIn3X97HFJ8aK353gxXVUnvYtdgm0NQbSzWD6kmpDNx_ASn3ZIwo_fKbW8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjBgpX6d2LPzfSACZg0erKRRr7EcIP0nWhsbuzpU0Mh6pe_8IU_N6AkoNhT5lUzDybsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjBgpX6d2LPzfSACZg0erKRRr7EcIP0nWhsbuzpU0Mh6pe_8IU_N6AkoNhT5lUzDybsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3312
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bgzip.org%26num%3D50&hl=en&q=EgS117BTGMSA-roGIjAtl-31iGBcZ2hfzdsWwd6cTLZkXsAXE_VO7eSqEi6Sl9etuGMkGPTPym8s4oGjVJoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bgzip.org%26num%3D50&hl=en&q=EgS117BTGMSA-roGIjAtl-31iGBcZ2hfzdsWwd6cTLZkXsAXE_VO7eSqEi6Sl9etuGMkGPTPym8s4oGjVJoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3288
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAetxnddCSwTn8xBkD_qaxIUjE6ROIP9Htkj18WEIfCCZc68yLODq5gx4znWcNbuokyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAetxnddCSwTn8xBkD_qaxIUjE6ROIP9Htkj18WEIfCCZc68yLODq5gx4znWcNbuokyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3288
X-XSS-Protection: 0
GET

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAqgFFrXUWWCfueIambQtpLCMcsPvAs7nuhohIBms7qU2KkWt-dPHNginyDKXrhgUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

172.217.20.164:80

Request

GET /sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAqgFFrXUWWCfueIambQtpLCMcsPvAs7nuhohIBms7qU2KkWt-dPHNginyDKXrhgUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: www.google.com
Connection: Keep-Alive

Response

HTTP/1.1 429 Too Many Requests

Date: Sun, 15 Dec 2024 07:07:49 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html
Server: HTTP server (unknown)
Content-Length: 3291
X-XSS-Protection: 0
DNS

aspmx3.googlemail.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

aspmx3.googlemail.com

IN A

Response

aspmx3.googlemail.com

IN A

142.250.150.27
DNS

acm.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

acm.org

IN A

Response

acm.org

IN A

104.17.79.30

acm.org

IN A

104.17.78.30
DNS

smtp1.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

smtp1.cs.stanford.edu

IN A

Response

smtp1.cs.stanford.edu

IN A

171.64.64.25
DNS

burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

burtleburtle.net

IN A

Response

burtleburtle.net

IN A

65.254.227.224
DNS

burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

burtleburtle.net

IN A

Response

burtleburtle.net

IN A

65.254.227.224
DNS

alumni.caltech.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

Remote address:

8.8.8.8:53

Request

alumni.caltech.edu

IN A

Response

alumni.caltech.edu

IN A

204.13.239.180

16.23.61.97:1034

services.exe

260 B
5
16.27.192.241:1034

services.exe

260 B
5
123.49.14.223:1034

services.exe

260 B
5
16.133.165.109:1034

services.exe

260 B
5
16.195.73.6:1034

services.exe

260 B
5
182.178.222.85:1034

services.exe

260 B
5
142.250.157.27:25

aspmx5.googlemail.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
199.89.1.120:25

mail.mailroute.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
171.64.64.26:25

smtp2.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
171.64.64.26:25

smtp2.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
65.254.254.52:25

mx.burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
52.101.41.21:25

alumni-caltech-edu.mail.protection.outlook.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
85.187.148.2:25

gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
212.82.100.137:80

http://www.altavista.com/web/results?q=mailto+cs.stanford.edu&kgs=0&kls=0&nbq=20

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

5.6kB
7.9kB
30
18

HTTP Request

GET http://www.altavista.com/web/results?q=cs.stanford.edu+contact+mail&kgs=0&kls=0&nbq=50

HTTP Response

301

HTTP Request

GET http://www.altavista.com/web/results?q=m-ou.se+mailto&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=contact+mail+acm.org&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=alumni.caltech.edu+mailto&kgs=0&kls=0&nbq=20

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=alumni.caltech.edu+contact+mail&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=cs.stanford.edu+contact+e-mail&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=reply+m-ou.se&kgs=0&kls=0&nbq=20

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=mail+acm.org&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=contact+mail+gzip.org&kgs=0&kls=0

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=m-ou.se+mail&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=contact+e-mail+gzip.org&kgs=0&kls=0&nbq=50

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=acm.org+mailto&kgs=0&kls=0&nbq=20

HTTP Response

500

HTTP Request

GET http://www.altavista.com/web/results?q=mailto+cs.stanford.edu&kgs=0&kls=0&nbq=20

HTTP Response

500
212.82.100.137:80

http://www.altavista.com/web/results?q=mail+m-ou.se&kgs=0&kls=0&nbq=20

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

505 B
537 B
4
3

HTTP Request

GET http://www.altavista.com/web/results?q=mail+m-ou.se&kgs=0&kls=0&nbq=20

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjBFJDQP3qMTiSLSvR1XWam7IMJKRaBPimGgScxIiAcYWK60PYE05omCliVJsoHlBr8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.9kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=m-ou.se+mail&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjBFJDQP3qMTiSLSvR1XWam7IMJKRaBPimGgScxIiAcYWK60PYE05omCliVJsoHlBr8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:443

https://search.yahoo.com/?fr=altavista

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.3kB
6.3kB
16
11

HTTP Request

GET https://search.yahoo.com/?fr=altavista

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLiA-roGIjBh9TZBQqTkJacniGMWMJvwqjDjIv130FuDjPKvMGwuw1O8SIrsGNzoTImsmZUabWoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.8kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+gzip.org&num=20

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLiA-roGIjBh9TZBQqTkJacniGMWMJvwqjDjIv130FuDjPKvMGwuw1O8SIrsGNzoTImsmZUabWoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCrKt0Lo55Ys1rUmjEzr4EY2qxYt0gfzxFDnvk07F93M0BITDnjgmPoVJjR_Gm0r4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.3kB
8.5kB
18
15

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=contact+mail+burtleburtle.net&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCrKt0Lo55Ys1rUmjEzr4EY2qxYt0gfzxFDnvk07F93M0BITDnjgmPoVJjR_Gm0r4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmail%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjC8nvyplCsPLovJTghsyEq7u4WrBZfE7TH6yS3LWzdb9asz0WjpAeHfkc10IDR1pX4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=burtleburtle.net+email&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmail%26num%3D100&hl=en&q=EgS117BTGLiA-roGIjC8nvyplCsPLovJTghsyEq7u4WrBZfE7TH6yS3LWzdb9asz0WjpAeHfkc10IDR1pX4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:80

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.0kB
1.4kB
8
5

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

HTTP Response

301

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

HTTP Response

301
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu&hl=en&q=EgS117BTGLmA-roGIjAwnNTtaal--JeGv9y1yhbheXbhThw0Ww7Ntz2gXlu6l3vXIluNNn3owopcVaHTDeEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.8kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=cs.stanford.edu+email&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu&hl=en&q=EgS117BTGLmA-roGIjAwnNTtaal--JeGv9y1yhbheXbhThw0Ww7Ntz2gXlu6l3vXIluNNn3owopcVaHTDeEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.2kB
17.3kB
25
19

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=gzip.org+mailto

HTTP Response

404
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+email

HTTP Response

404
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dburtleburtle.net%2Bemail%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjA5TA_qFB-Rpr7u13AsknxfBitkVuLx9TrfrbGqJzwMYNnA1usoIn3B95hUf6D765gyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.9kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+acm.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dburtleburtle.net%2Bemail%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjA5TA_qFB-Rpr7u13AsknxfBitkVuLx9TrfrbGqJzwMYNnA1usoIn3B95hUf6D765gyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

626 B
655 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

HTTP Response

500
2.18.121.71:80

http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTv%2BHV0Bd%2FqEQJQjG4LfvoXXw%3D%3D

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

428 B
1.0kB
4
3

HTTP Request

GET http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTv%2BHV0Bd%2FqEQJQjG4LfvoXXw%3D%3D

HTTP Response

200
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjBoDwcTZwSgpiKlUpPCoGaiCxfbBn3S-yrWrz00DdFicDqtRQLMhaQvyf8w_2LH-PgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=cs.stanford.edu+mailto&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjBoDwcTZwSgpiKlUpPCoGaiCxfbBn3S-yrWrz00DdFicDqtRQLMhaQvyf8w_2LH-PgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

627 B
656 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=burtleburtle.net+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcontact%2Bmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCkiMzE3mI8ZYBkZIQLmbKHypUiGT4_aQH8I1ZOhJ7VAA7KMm6qRDzpK3GpQc9PGdEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

960 B
3.9kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcontact%2Bmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLmA-roGIjCkiMzE3mI8ZYBkZIQLmbKHypUiGT4_aQH8I1ZOhJ7VAA7KMm6qRDzpK3GpQc9PGdEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

618 B
647 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bmailto%26num%3D50&hl=en&q=EgS117BTGLuA-roGIjBzbYHmvjY_cqTfVCjKjr4UXojCaNC-a8Nv1ItpezhVe-JYBbfLvnMuWwwvC8QvJ_EyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.3kB
8.4kB
17
14

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+burtleburtle.net

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+burtleburtle.net&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bmailto%26num%3D50&hl=en&q=EgS117BTGLuA-roGIjBzbYHmvjY_cqTfVCjKjr4UXojCaNC-a8Nv1ItpezhVe-JYBbfLvnMuWwwvC8QvJ_EyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:443

https://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=email+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjDzbPgJFPLb7nl_oRUfcIoFyc0lui3Z5lN1Ks4uScU1E9TTz64JX-NUWUu5piY5KLcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.4kB
12
9

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dcs.stanford.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGLqA-roGIjDzbPgJFPLb7nl_oRUfcIoFyc0lui3Z5lN1Ks4uScU1E9TTz64JX-NUWUu5piY5KLcyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

617 B
646 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.6kB
6.3kB
16
11

HTTP Request

GET https://search.yahoo.com/search?p=e-mail+acm.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=50

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjBOYzvyb9K32CE-NCIZYbbxDzMi0zolFhjHICwJOP3cl0Dpq_VkiYUyF0i5DUDeWSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
12
9

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+m-ou.se&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjBOYzvyb9K32CE-NCIZYbbxDzMi0zolFhjHICwJOP3cl0Dpq_VkiYUyF0i5DUDeWSIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

580 B
655 B
5
5

HTTP Request

GET http://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.6kB
6.3kB
16
11

HTTP Request

GET https://search.yahoo.com/search?p=mailto+cs.stanford.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjAfR4ihq3mV3qbOYhKI9Ue0LyLYF0ZhFSudYvtagPsYqIIhLzAhtRBRbvOthMaQj4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

950 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGLqA-roGIjAfR4ihq3mV3qbOYhKI9Ue0LyLYF0ZhFSudYvtagPsYqIIhLzAhtRBRbvOthMaQj4YyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBY9eYZ1G39ivOBLsjoxstXKnyAkqWcG2QMz0uaAF1vS4rYwvboB8a8yV6SEJ2fGI8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+gzip.org&num=20

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBY9eYZ1G39ivOBLsjoxstXKnyAkqWcG2QMz0uaAF1vS4rYwvboB8a8yV6SEJ2fGI8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

627 B
656 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=mailto+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bburtleburtle.net&hl=en&q=EgS117BTGLuA-roGIjDmDSs9KzQSOMYRRmYF7zQ0p4rRqAdiIvLR4ljMEBZVP--Idi2-DSBmndDLrNhehBYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=acm.org+mailto&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bburtleburtle.net&hl=en&q=EgS117BTGLuA-roGIjDmDSs9KzQSOMYRRmYF7zQ0p4rRqAdiIvLR4ljMEBZVP--Idi2-DSBmndDLrNhehBYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBP-rXHP04O1naSvihMC00wzi_6t8Cmv5hay_uANY66JwCXJ5kAbeJoWVIUluKKtWUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=alumni.caltech.edu+mailto&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGLuA-roGIjBP-rXHP04O1naSvihMC00wzi_6t8Cmv5hay_uANY66JwCXJ5kAbeJoWVIUluKKtWUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

612 B
641 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.6kB
6.3kB
16
11

HTTP Request

GET https://search.yahoo.com/search?p=m-ou.se+mailto&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

HTTP Response

500
209.202.254.10:80

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
2.1kB
10
6

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

301

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

HTTP Response

301

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

HTTP Response

301
212.82.100.137:80

http://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

619 B
648 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=e-mail+gzip.org&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

404
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBghn7CqVmGvKpkDum3UHrYYYLiLKh8tr1IPPZo0L8JyaSX3cJui9q-eiTuFgsOw9wyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=gzip.org+mail&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBghn7CqVmGvKpkDum3UHrYYYLiLKh8tr1IPPZo0L8JyaSX3cJui9q-eiTuFgsOw9wyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLyA-roGIjBDBUUhjbOpzVFzm5WbZiHaOhOQU6BZ95GS0KHsJwo7kLJwQgWUolOFU6UNIzHfbgEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.9kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=alumni.caltech.edu+email&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGLyA-roGIjBDBUUhjbOpzVFzm5WbZiHaOhOQU6BZ95GS0KHsJwo7kLJwQgWUolOFU6UNIzHfbgEyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjCa2CKmcHit09FrJ-IW61sCu_dypI2JbRDWTGtBzvYK5U8WWCE5LleoE7-0cLP-4FwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

952 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjCa2CKmcHit09FrJ-IW61sCu_dypI2JbRDWTGtBzvYK5U8WWCE5LleoE7-0cLP-4FwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dacm.org%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjD8aQ472LgBRFB2hXeiwtzVgEQynXFbRaZpIW4AsUe5giN4wzjxcMrz66OPimqRHyMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.3kB
8.4kB
17
14

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+acm.org&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+alumni.caltech.edu&num=20

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dacm.org%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjD8aQ472LgBRFB2hXeiwtzVgEQynXFbRaZpIW4AsUe5giN4wzjxcMrz66OPimqRHyMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

580 B
655 B
5
5

HTTP Request

GET http://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBeNCn5h28q93pH_hUaqDqmQL7aHEIq-We1bG08B_nlyrRXLU3XvtlLi-UuHz34lH8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

905 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGLyA-roGIjBeNCn5h28q93pH_hUaqDqmQL7aHEIq-We1bG08B_nlyrRXLU3XvtlLi-UuHz34lH8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:443

https://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=burtleburtle.net+reply&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjAH7B8MqmNejkzotH9euxCgwnB48AeN96G1kzaWzRSNpfORTjw5oaLrufoH7rFUC0QyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

908 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bmailto%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjAH7B8MqmNejkzotH9euxCgwnB48AeN96G1kzaWzRSNpfORTjw5oaLrufoH7rFUC0QyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dgzip.org%2Bmail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjB295bEKatgq1DGj1cP2uEU1Q2sawUlLvQRj8Hv7TneSPkxIud2Jcg1XWd4DbXq4xUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.9kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+acm.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dgzip.org%2Bmail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjB295bEKatgq1DGj1cP2uEU1Q2sawUlLvQRj8Hv7TneSPkxIud2Jcg1XWd4DbXq4xUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:443

https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.2kB
3.9kB
12
8

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

HTTP Response

302
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=e-mail+cs.stanford.edu

HTTP Response

404
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjD_XmK1XGwCEUAgHraBQx84n7qplAVka5rH6ROS5XoKpKSecuhYEyyAY2ujk4ZmeH4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.3kB
8.4kB
17
14

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+burtleburtle.net&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjD_XmK1XGwCEUAgHraBQx84n7qplAVka5rH6ROS5XoKpKSecuhYEyyAY2ujk4ZmeH4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

620 B
649 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

HTTP Response

301
209.202.254.10:80

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

620 B
794 B
6
4

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=email+burtleburtle.net&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=

HTTP Response

500
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.7kB
16.8kB
22
17

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mail+burtleburtle.net

HTTP Response

404
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=alumni.caltech.edu+reply

HTTP Response

404
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjDyMWCYFmT8p8sBEALORTMMWijncKXdrZejpc8l4iRPrvNEbS4aEzY3QPPFyxG3_hsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

953 B
3.9kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dalumni.caltech.edu%2Bemail%26num%3D100&hl=en&q=EgS117BTGL2A-roGIjDyMWCYFmT8p8sBEALORTMMWijncKXdrZejpc8l4iRPrvNEbS4aEzY3QPPFyxG3_hsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
10.0.7.177:1034

services.exe

260 B
5
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBFJoS1Kz3zkg-Cwjis_4TlqbJusSQneLmB04vmK8UtTXachijyOh_PDf8rtvlsFUIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

3.2kB
11.5kB
23
20

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+gzip.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bacm.org%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBFJoS1Kz3zkg-Cwjis_4TlqbJusSQneLmB04vmK8UtTXachijyOh_PDf8rtvlsFUIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:80

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.0kB
1.4kB
8
5

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email

HTTP Response

301

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

HTTP Response

301
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=acm.org+email

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.6kB
17.6kB
27
20

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=acm.org+email

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=acm.org+email

HTTP Response

404
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

404
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjAjjOuOBZmnZyO26mug7fyc6sMdQ7nOS7ENMjLLf3jb9N1ZVLLGMYe9-DTl9ZqRdwYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

896 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGL2A-roGIjAjjOuOBZmnZyO26mug7fyc6sMdQ7nOS7ENMjLLf3jb9N1ZVLLGMYe9-DTl9ZqRdwYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu%26num%3D20&hl=en&q=EgS117BTGL6A-roGIjALThB-lZqYKeCothVnzvTal4jML5-1yEMaamPF-zrX88lgHG3W54HEx9pw5stc_yUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

907 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu%26num%3D20&hl=en&q=EgS117BTGL6A-roGIjALThB-lZqYKeCothVnzvTal4jML5-1yEMaamPF-zrX88lgHG3W54HEx9pw5stc_yUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL6A-roGIjCF8ojv47IybawaMyBkZh4b-laLkryIuQ8ufaLJf0bbuipyOSSfTRZ9V2XOD7NdGtMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.4kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=reply+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL6A-roGIjCF8ojv47IybawaMyBkZh4b-laLkryIuQ8ufaLJf0bbuipyOSSfTRZ9V2XOD7NdGtMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.7kB
16.8kB
22
17

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=reply+burtleburtle.net

HTTP Response

404
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGL6A-roGIjATyBNMmc9Yd20iioEpyGJcuJqcmJgTBq7zvWl0jqjCTsqFFGbEg0sqfNkArnyVnRoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

948 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGL6A-roGIjATyBNMmc9Yd20iioEpyGJcuJqcmJgTBq7zvWl0jqjCTsqFFGbEg0sqfNkArnyVnRoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:80

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

611 B
776 B
6
4

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

HTTP Response

301
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjDmjgi0AT_iFwe-64kZ5YqGHhmUs2gvovEiTIlvVzNubDZUoBqsJbvtP-MLAVzt5s0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.3kB
8.4kB
17
14

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+alumni.caltech.edu

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+burtleburtle.net&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+burtleburtle.net&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjDmjgi0AT_iFwe-64kZ5YqGHhmUs2gvovEiTIlvVzNubDZUoBqsJbvtP-MLAVzt5s0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
209.202.254.10:80

http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

618 B
790 B
6
4

HTTP Request

GET http://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

HTTP Response

301
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+gzip.org

HTTP Response

404
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=mailto+cs.stanford.edu

HTTP Response

404
212.82.100.137:80

http://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

616 B
645 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.6kB
6.3kB
16
11

HTTP Request

GET https://search.yahoo.com/search?p=mail+m-ou.se&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
212.82.100.137:80

http://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

629 B
658 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=e-mail+alumni.caltech.edu&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjAjoHCW0hacw3LGv6jI8a-PE54_rYwRblvYT59iasb-asjRgJ_NYtBzZV3V6OdOy-AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

951 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjAjoHCW0hacw3LGv6jI8a-PE54_rYwRblvYT59iasb-asjRgJ_NYtBzZV3V6OdOy-AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:80

http://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

626 B
655 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.9kB
6.9kB
15
12

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=m-ou.se+mailto&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+cs.stanford.edu

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
212.82.100.137:443

https://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.6kB
6.1kB
16
12

HTTP Request

GET https://search.yahoo.com/search?p=acm.org+contact+e-mail&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
209.202.254.10:443

https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.1kB
17.2kB
24
18

HTTP Request

GET https://search.lycos.com/default.asp?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

302

HTTP Request

GET https://search.lycos.com/default.asp/?lpv=1&loc=searchhp&tab=web&query=cs.stanford.edu+mailto

HTTP Response

404
212.82.100.137:80

http://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

617 B
646 B
6
5

HTTP Request

GET http://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

301
212.82.100.137:443

https://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

tls, http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.5kB
6.2kB
15
10

HTTP Request

GET https://search.yahoo.com/search?p=m-ou.se+email&ei=UTF-8&fr=fp-tab-web-t&cop=mss&tab=&n=100

HTTP Response

500
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

951 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGL-A-roGIjBB7TR0bqUWlCUrVf4ScW1S-zwVhpE1oghIalNoR3Boep6bQz-F96_qzwSeyLLTmHkyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjAZ3CX-CkaZCW9v58geeYJWuPM9cP33onauQnoEielFukFdOKwnxvngxeGkPCEvCsoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
12
9

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+m-ou.se&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjAZ3CX-CkaZCW9v58geeYJWuPM9cP33onauQnoEielFukFdOKwnxvngxeGkPCEvCsoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
171.64.64.26:25

smtp2.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

260 B
5
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGMCA-roGIjBOSwKdfjGy0TkM2aLa0kHrBy_372np3VuaaTe59h6q6lylmtMevIzbis0YoHvp_OoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

2.3kB
8.4kB
18
15

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+m-ou.se&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+gzip.org&num=20

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mail+alumni.caltech.edu&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D50&hl=en&q=EgS117BTGMCA-roGIjBOSwKdfjGy0TkM2aLa0kHrBy_372np3VuaaTe59h6q6lylmtMevIzbis0YoHvp_OoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDqoqhJp6BZSUst7kvW3hBaCU57wMnfRl-6U0VIllswzIoihywADIXRcSnTUmM8JUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.8kB
6.9kB
14
11

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+acm.org&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+alumni.caltech.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dreply%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDqoqhJp6BZSUst7kvW3hBaCU57wMnfRl-6U0VIllswzIoihywADIXRcSnTUmM8JUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDPT4dINA3hbZ8RbfXlXHbaLrDLi65bveP9emqTYhU4idB5UZLX-_xn661C9dsgbO4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+cs.stanford.edu&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMCA-roGIjDPT4dINA3hbZ8RbfXlXHbaLrDLi65bveP9emqTYhU4idB5UZLX-_xn661C9dsgbO4yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmailto%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDXjEXirC92-_lW-dRcOsE6Eh8vKAyhE64Bi9ca5PohFZ6gf99yc1QYkpkZUo1r1jUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mailto+gzip.org&num=50

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dm-ou.se%2Bmailto%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDXjEXirC92-_lW-dRcOsE6Eh8vKAyhE64Bi9ca5PohFZ6gf99yc1QYkpkZUo1r1jUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu&hl=en&q=EgS117BTGMGA-roGIjA0TlmptxjDvirgBrqNuQdmNMxNjDtOE1Bkqq1CKnRsUixEzzDmUHUu7J0Saoo5-8AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

896 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Balumni.caltech.edu&hl=en&q=EgS117BTGMGA-roGIjA0TlmptxjDvirgBrqNuQdmNMxNjDtOE1Bkqq1CKnRsUixEzzDmUHUu7J0Saoo5-8AyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjBRh-Wxdh39oslHLbEROq4wuC0w2doNP_pSfWqsSXYpQTZ3LA_0XXvShaC8YBxVeogyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

949 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjBRh-Wxdh39oslHLbEROq4wuC0w2doNP_pSfWqsSXYpQTZ3LA_0XXvShaC8YBxVeogyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDmsp_mCZNJ8YWisZ6f4y0ZFRzNRXoJLliof0HW2eq10qn_hjdMEXdQCpNhj2eTDTMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

904 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D100&hl=en&q=EgS117BTGMGA-roGIjDmsp_mCZNJ8YWisZ6f4y0ZFRzNRXoJLliof0HW2eq10qn_hjdMEXdQCpNhj2eTDTMyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu&hl=en&q=EgS117BTGMKA-roGIjBywx4LDU5CFe40FSlaLFrkLb3dKDFiZWBueC7yVYN5bPuiALwC9zcWaJ-eqhjEoKsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+gzip.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bcs.stanford.edu&hl=en&q=EgS117BTGMKA-roGIjBywx4LDU5CFe40FSlaLFrkLb3dKDFiZWBueC7yVYN5bPuiALwC9zcWaJ-eqhjEoKsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D50&hl=en&q=EgS117BTGMGA-roGIjAMUBV6upA_dT44SpMhkEH_dj2Uf-Qlm2F7cY0Xo-tqrhqzXopYnfxIOSdvkGjj8WsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

949 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bburtleburtle.net%26num%3D50&hl=en&q=EgS117BTGMGA-roGIjAMUBV6upA_dT44SpMhkEH_dj2Uf-Qlm2F7cY0Xo-tqrhqzXopYnfxIOSdvkGjj8WsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Balumni.caltech.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjAzQylwL7jlyyOmZ77YU5j4kQD2WISArkj4dhVNh9oHrzUeAJDLSsbRpkUjJFjm7UUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

1.4kB
5.3kB
11
8

HTTP Request

GET http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=e-mail+gzip.org&num=100

HTTP Response

302

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Balumni.caltech.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjAzQylwL7jlyyOmZ77YU5j4kQD2WISArkj4dhVNh9oHrzUeAJDLSsbRpkUjJFjm7UUyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGMKA-roGIjDxFzzMtseFPPUegXBIw-omN1myStf6mwgpLd4y-Tfpe8ogMIYguZBg8nbt2GkiVm0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

895 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bm-ou.se%26num%3D100&hl=en&q=EgS117BTGMKA-roGIjDxFzzMtseFPPUegXBIw-omN1myStf6mwgpLd4y-Tfpe8ogMIYguZBg8nbt2GkiVm0yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGMKA-roGIjDuXPbLQLVgtCVatIbJvNSqjbMUyt_ekrKjuqm1WvLFCzi_I_dWW9SCkblmNu4umJwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

942 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bm-ou.se%26num%3D50&hl=en&q=EgS117BTGMKA-roGIjDuXPbLQLVgtCVatIbJvNSqjbMUyt_ekrKjuqm1WvLFCzi_I_dWW9SCkblmNu4umJwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGMOA-roGIjDYCaOtj8SiPii78DlMySwD5q9bjDbhUG5jzorrewdg9DYAin7ecewLEpxxGUSMdhYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

895 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Bgzip.org%26num%3D20&hl=en&q=EgS117BTGMOA-roGIjDYCaOtj8SiPii78DlMySwD5q9bjDbhUG5jzorrewdg9DYAin7ecewLEpxxGUSMdhYyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjCWDlseeBavv3SQX1wPkhPjCrmDkpAnQNSd82la-7Z5pwq9vmbfRuDYSrhZo2l1zDIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

896 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bacm.org%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjCWDlseeBavv3SQX1wPkhPjCrmDkpAnQNSd82la-7Z5pwq9vmbfRuDYSrhZo2l1zDIyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Balumni.caltech.edu%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjBy4IXgucIn3X97HFJ8aK353gxXVUnvYtdgm0NQbSzWD6kmpDNx_ASn3ZIwo_fKbW8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

905 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmail%2Balumni.caltech.edu%26num%3D50&hl=en&q=EgS117BTGMOA-roGIjBy4IXgucIn3X97HFJ8aK353gxXVUnvYtdgm0NQbSzWD6kmpDNx_ASn3ZIwo_fKbW8yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjBgpX6d2LPzfSACZg0erKRRr7EcIP0nWhsbuzpU0Mh6pe_8IU_N6AkoNhT5lUzDybsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

905 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bcs.stanford.edu%26num%3D100&hl=en&q=EgS117BTGMOA-roGIjBgpX6d2LPzfSACZg0erKRRr7EcIP0nWhsbuzpU0Mh6pe_8IU_N6AkoNhT5lUzDybsyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bgzip.org%26num%3D50&hl=en&q=EgS117BTGMSA-roGIjAtl-31iGBcZ2hfzdsWwd6cTLZkXsAXE_VO7eSqEi6Sl9etuGMkGPTPym8s4oGjVJoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

943 B
3.8kB
9
6

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Dmailto%2Bgzip.org%26num%3D50&hl=en&q=EgS117BTGMSA-roGIjAtl-31iGBcZ2hfzdsWwd6cTLZkXsAXE_VO7eSqEi6Sl9etuGMkGPTPym8s4oGjVJoyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAetxnddCSwTn8xBkD_qaxIUjE6ROIP9Htkj18WEIfCCZc68yLODq5gx4znWcNbuokyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

897 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3Demail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAetxnddCSwTn8xBkD_qaxIUjE6ROIP9Htkj18WEIfCCZc68yLODq5gx4znWcNbuokyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
172.217.20.164:80

http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAqgFFrXUWWCfueIambQtpLCMcsPvAs7nuhohIBms7qU2KkWt-dPHNginyDKXrhgUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

http

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

898 B
3.8kB
8
5

HTTP Request

GET http://www.google.com/sorry/index?continue=http://www.google.com/search%3Fhl%3Den%26ie%3DUTF-8%26oe%3DUTF-8%26q%3De-mail%2Bgzip.org%26num%3D100&hl=en&q=EgS117BTGMSA-roGIjAqgFFrXUWWCfueIambQtpLCMcsPvAs7nuhohIBms7qU2KkWt-dPHNginyDKXrhgUgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

HTTP Response

429
142.250.150.27:25

aspmx3.googlemail.com

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
104.17.79.30:25

acm.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
171.64.64.25:25

smtp1.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
171.64.64.25:25

smtp1.cs.stanford.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
65.254.227.224:25

burtleburtle.net

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
204.13.239.180:25

alumni.caltech.edu

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
85.187.148.2:25

gzip.org

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

208 B
4
123.49.14.21:1034

services.exe

104 B
2

8.8.8.8:53

97.17.167.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

97.17.167.52.in-addr.arpa
8.8.8.8:53

182.129.81.91.in-addr.arpa

dns

72 B
147 B
1
1

DNS Request

182.129.81.91.in-addr.arpa
8.8.8.8:53

22.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

22.160.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

196.249.167.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

196.249.167.52.in-addr.arpa
8.8.8.8:53

212.20.149.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

212.20.149.52.in-addr.arpa
8.8.8.8:53

241.42.69.40.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

241.42.69.40.in-addr.arpa
8.8.8.8:53

19.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

19.229.111.52.in-addr.arpa
8.8.8.8:53

m-ou.se

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

53 B
232 B
1
1

DNS Request

m-ou.se
8.8.8.8:53

aspmx5.googlemail.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

67 B
83 B
1
1

DNS Request

aspmx5.googlemail.com

DNS Response

142.250.157.27
8.8.8.8:53

acm.org

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

53 B
87 B
1
1

DNS Request

acm.org
8.8.8.8:53

mail.mailroute.net

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

64 B
96 B
1
1

DNS Request

mail.mailroute.net

DNS Response

199.89.1.120

199.89.3.120
8.8.8.8:53

cs.stanford.edu

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

61 B
121 B
1
1

DNS Request

cs.stanford.edu
8.8.8.8:53

smtp2.cs.stanford.edu

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

67 B
83 B
1
1

DNS Request

smtp2.cs.stanford.edu

DNS Response

171.64.64.26
8.8.8.8:53

burtleburtle.net

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

62 B
81 B
1
1

DNS Request

burtleburtle.net
8.8.8.8:53

mx.burtleburtle.net

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

65 B
113 B
1
1

DNS Request

mx.burtleburtle.net

DNS Response

65.254.254.52

65.254.254.50

65.254.254.51
8.8.8.8:53

alumni.caltech.edu

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

64 B
126 B
1
1

DNS Request

alumni.caltech.edu
8.8.8.8:53

alumni-caltech-edu.mail.protection.outlook.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

92 B
156 B
1
1

DNS Request

alumni-caltech-edu.mail.protection.outlook.com

DNS Response

52.101.41.21

52.101.42.4

52.101.8.42

52.101.8.36
8.8.8.8:53

gzip.org

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

54 B
70 B
1
1

DNS Request

gzip.org
8.8.8.8:53

gzip.org

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

54 B
70 B
1
1

DNS Request

gzip.org

DNS Response

85.187.148.2
8.8.8.8:53

www.altavista.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

63 B
157 B
1
1

DNS Request

www.altavista.com

DNS Response

212.82.100.137
8.8.8.8:53

www.google.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

172.217.20.164
8.8.8.8:53

search.yahoo.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

62 B
121 B
1
1

DNS Request

search.yahoo.com

DNS Response

212.82.100.137
8.8.8.8:53

137.100.82.212.in-addr.arpa

dns

73 B
119 B
1
1

DNS Request

137.100.82.212.in-addr.arpa
8.8.8.8:53

164.20.217.172.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

164.20.217.172.in-addr.arpa
8.8.8.8:53

search.lycos.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

62 B
109 B
1
1

DNS Request

search.lycos.com

DNS Response

209.202.254.10
8.8.8.8:53

r11.o.lencr.org

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

61 B
160 B
1
1

DNS Request

r11.o.lencr.org

DNS Response

2.18.121.71

2.18.121.69
8.8.8.8:53

10.254.202.209.in-addr.arpa

dns

73 B
113 B
1
1

DNS Request

10.254.202.209.in-addr.arpa
8.8.8.8:53

61.45.26.184.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

61.45.26.184.in-addr.arpa
8.8.8.8:53

71.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

71.121.18.2.in-addr.arpa
8.8.8.8:53

aspmx3.googlemail.com

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

67 B
83 B
1
1

DNS Request

aspmx3.googlemail.com

DNS Response

142.250.150.27
8.8.8.8:53

acm.org

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

53 B
85 B
1
1

DNS Request

acm.org

DNS Response

104.17.79.30

104.17.78.30
8.8.8.8:53

smtp1.cs.stanford.edu

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

67 B
83 B
1
1

DNS Request

smtp1.cs.stanford.edu

DNS Response

171.64.64.25
8.8.8.8:53

burtleburtle.net

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

124 B
156 B
2
2

DNS Request

burtleburtle.net

DNS Request

burtleburtle.net

DNS Response

65.254.227.224

DNS Response

65.254.227.224
8.8.8.8:53

alumni.caltech.edu

dns

f2d829a52467ede663428c66472126f7_JaffaCakes118.exe

64 B
80 B
1
1

DNS Request

alumni.caltech.edu

DNS Response

204.13.239.180

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\FMGLWGAG\search[2].htm

Filesize
25B

MD5
8ba61a16b71609a08bfa35bc213fce49

SHA1
8374dddcc6b2ede14b0ea00a5870a11b57ced33f

SHA256
6aa63394c1f5e705b1e89c55ff19eed71957e735c3831a845ff62f74824e13f1

SHA512
5855f5b2a78877f7a27ff92eaaa900d81d02486e6e2ea81d80b6f6cf1fe254350444980017e00cdeecdd3c67b86e7acc90cd2d77f06210bdd1d7b1a71d262df1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmp9774.tmp

Filesize
28KB

MD5
53f803d59681dc845377b255ac281bb7

SHA1
490696636f87f3436ff46552d0dd92ba52d5c8b1

SHA256
a29b4981c4fe75a602aa9d629ad18ce2d7868352625d222191e6a87d369f384a

SHA512
93f6f8cb9d3101b929dd401bb4fb21be90cc20599f9091bc1713126aaf8a608183b24d5d59a59f854c8bb57b09db51c16588fe91cd046db075e08efef9ce034a

Download Submit
C:\Users\Admin\AppData\Local\Temp\xs0fkpfakf.log

Filesize
1KB

MD5
3783649ad4d157c8affad041673d963d

SHA1
9d2508c1762e44b440920346136bbac52fd17032

SHA256
fe9865e0ff6ea17204ec09984a2e3d70b92191b6bb02b2e25f8aa67ca4b98aa8

SHA512
1eb9e38b51bb49fef4ead907d25e5a0017822d102950115e5504f8f4b158416b3795c609bea6eb9a030995e551311771b290d99e65860ddbda871df0b64a65b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\zincite.log

Filesize
1KB

MD5
3df8ebb498e247e089e496e8ed315126

SHA1
07cd4efaecc49f94515ef0261f70af762ae61cd4

SHA256
638b3292da8c7514c6718464f9168f078b54a3f48f24ac3b9b8df3215c839c89

SHA512
e5a96d236249b8bb4ce84b14b16acfa88f62415b815707ea8d5bc877232357bcf7e9d143a5d64595cad98d7e252c76254f9f37e83adbbc88f1da65eb3ff2f52f

Download Submit
C:\Users\Admin\AppData\Local\Temp\zincite.log

Filesize
1KB

MD5
c61287ef92ad1ede1305129bd076bfb5

SHA1
9ca14b58ed90ed242ca9d50ecd2732ed6824bcb9

SHA256
aed6bca7f1a682ab03104a08ddd13a38210c5e91a6e60ef91415ef862ff4e8f5

SHA512
0a744514bec67a126d4841c2c9ceaba88f19136589d9f49c99d93a3bc7a1aa155cf9f2a5d529b580cd6b3cf36f4797ffe40b701c85237b0b613726b9b1db11af

Download Submit
C:\Windows\services.exe

Filesize
8KB

MD5
b0fe74719b1b647e2056641931907f4a

SHA1
e858c206d2d1542a79936cb00d85da853bfc95e2

SHA256
bf316f51d0c345d61eaee3940791b64e81f676e3bca42bad61073227bee6653c

SHA512
9c82e88264696d0dadef9c0442ad8d1183e48f0fb355a4fc9bf4fa5db4e27745039f98b1fd1febff620a5ded6dd493227f00d7d2e74b19757685aa8655f921c2

Download Submit
memory/2496-13-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/2496-164-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/2496-0-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/2496-122-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/2496-168-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/2496-56-0x0000000000500000-0x0000000000510000-memory.dmp

Filesize
64KB

Download
memory/5032-21-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-33-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-50-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-52-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-40-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-57-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-38-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-45-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-28-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-26-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-123-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-16-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-15-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-165-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-6-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/5032-169-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request