Analysis
-
max time kernel
144s -
max time network
151s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
01-01-2025 23:27
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_6149f9f63d7f4c1bf629d51b47018146.html
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
JaffaCakes118_6149f9f63d7f4c1bf629d51b47018146.html
Resource
win10v2004-20241007-en
General
-
Target
JaffaCakes118_6149f9f63d7f4c1bf629d51b47018146.html
-
Size
84KB
-
MD5
6149f9f63d7f4c1bf629d51b47018146
-
SHA1
5a600807895ed1c6513f34a4b307ec8d65309785
-
SHA256
b1f31ddfcf92547888db28725556a90129159455bcdebdabe8ce233b688193f5
-
SHA512
b06bb7be83f774329468aed96c3010951b881087a92a9bfb366855cc8980958ced2a27be698c369575c97a01b337bbd86219cb1441793e19795c792b50fa97f7
-
SSDEEP
1536:Z55g+xjv/XRyGXmNJUzIfVZeDliFcCHPbkwPYMorHi4X9bAb:Z55BxDAGXmNJUzmZeDliFLHPbksYTrH2
Malware Config
Signatures
-
SocGholish
SocGholish is a JavaScript payload that downloads other malware.
-
Socgholish family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language IEXPLORE.EXE -
description ioc Process Set value (str) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Zoom iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{0BD7E081-C898-11EF-B985-56CF32F83AF3} = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main IEXPLORE.EXE Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IntelliForms iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\InternetRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\IETld\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\LowRegistry iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\PageSetup iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive iexplore.exe Set value (str) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\GPU iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion iexplore.exe Set value (int) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "441935954" iexplore.exe Set value (data) \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main iexplore.exe Key created \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser iexplore.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 1628 iexplore.exe -
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process 1628 iexplore.exe 1628 iexplore.exe 1224 IEXPLORE.EXE 1224 IEXPLORE.EXE 1224 IEXPLORE.EXE 1224 IEXPLORE.EXE -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 1628 wrote to memory of 1224 1628 iexplore.exe 30 PID 1628 wrote to memory of 1224 1628 iexplore.exe 30 PID 1628 wrote to memory of 1224 1628 iexplore.exe 30 PID 1628 wrote to memory of 1224 1628 iexplore.exe 30
Processes
-
C:\Program Files\Internet Explorer\iexplore.exe"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_6149f9f63d7f4c1bf629d51b47018146.html1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1628 -
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1628 CREDAT:275457 /prefetch:22⤵
- System Location Discovery: System Language Discovery
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1224
-
Network
-
Remote address:8.8.8.8:53Request3.bp.blogspot.comIN AResponse3.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A216.58.215.33
-
Remote address:8.8.8.8:53Requestwww.blogger.comIN AResponsewww.blogger.comIN CNAMEblogger.l.google.comblogger.l.google.comIN A216.58.214.169
-
Remote address:8.8.8.8:53Requestapis.google.comIN AResponseapis.google.comIN CNAMEplus.l.google.complus.l.google.comIN A142.250.179.78
-
Remote address:8.8.8.8:53Requestajax.googleapis.comIN AResponseajax.googleapis.comIN A142.250.201.170
-
Remote address:8.8.8.8:53Requestimg2.blogblog.comIN AResponseimg2.blogblog.comIN CNAMEblogger.l.google.comblogger.l.google.comIN A216.58.214.169
-
Remote address:8.8.8.8:53Requestwww.linkwithin.comIN AResponsewww.linkwithin.comIN CNAMElinkwithin.comlinkwithin.comIN A118.139.179.30
-
Remote address:8.8.8.8:53Request4.bp.blogspot.comIN AResponse4.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A216.58.215.33
-
Remote address:8.8.8.8:53Request2.bp.blogspot.comIN AResponse2.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A216.58.215.33
-
GEThttp://3.bp.blogspot.com/-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="email.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1115
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21fc"
Content-Type: image/png
Vary: Origin
Age: 3
-
Remote address:142.250.179.78:443RequestGET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Date: Wed, 01 Jan 2025 23:28:08 GMT
Expires: Wed, 01 Jan 2025 23:28:08 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "8a9123f6cf0cb51d"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scsIEXPLORE.EXERemote address:142.250.179.78:443RequestGET /_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 54256
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Dec 2024 09:07:55 GMT
Expires: Sun, 28 Dec 2025 09:07:55 GMT
Cache-Control: public, max-age=31536000
Age: 397213
Last-Modified: Mon, 02 Dec 2024 19:38:27 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scsIEXPLORE.EXERemote address:142.250.179.78:443RequestGET /_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
Content-Length: 14573
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Dec 2024 01:50:49 GMT
Expires: Wed, 31 Dec 2025 01:50:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 02 Dec 2024 19:38:27 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 164240
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttp://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s72-c/ATNY2.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s72-c/ATNY2.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="ATNY2.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3975
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8f"
Content-Type: image/jpeg
Vary: Origin
Age: 3
-
GEThttp://3.bp.blogspot.com/-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v21e6"
Expires: Thu, 02 Jan 2025 23:28:09 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="tabs-bg.png"
X-Content-Type-Options: nosniff
Date: Wed, 01 Jan 2025 23:28:09 GMT
Server: fife
Content-Length: 280
X-XSS-Protection: 0
-
Remote address:118.139.179.30:80RequestGET /widget.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.linkwithin.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:142.250.201.170:443RequestGET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Dec 2024 04:12:24 GMT
Expires: Sun, 28 Dec 2025 04:12:24 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 414944
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:142.250.179.78:80RequestGET /js/plusone.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: apis.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 24179
Date: Wed, 01 Jan 2025 23:28:07 GMT
Expires: Wed, 01 Jan 2025 23:28:07 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "8a9123f6cf0cb51d"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
-
Remote address:142.250.201.170:80RequestGET /css?family=Oswald HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: fonts.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Wed, 01 Jan 2025 23:28:07 GMT
Date: Wed, 01 Jan 2025 23:28:07 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
-
Remote address:216.58.214.169:443RequestGET /static/v1/widgets/1394523530-widget_css_bundle.css HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6667
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Dec 2024 01:50:49 GMT
Expires: Wed, 31 Dec 2025 01:50:49 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Fri, 12 Nov 2021 02:51:58 GMT
Content-Type: text/css
Vary: Accept-Encoding
Age: 164239
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:216.58.214.169:443RequestGET /static/v1/jsbin/2517944472-comment_from_post_iframe.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 6492
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Dec 2024 02:29:51 GMT
Expires: Wed, 31 Dec 2025 02:29:51 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 09 Nov 2021 23:04:08 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 161897
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:216.58.214.169:443RequestGET /static/v1/widgets/2918676466-widgets.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 57168
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Dec 2024 02:19:50 GMT
Expires: Wed, 31 Dec 2025 02:19:50 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 18 Oct 2021 21:53:57 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
Age: 162498
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.blogger.com/dyn-css/authorization.css?targetBlogID=896883900501233879&zx=9863af3f-6b64-4c6a-95e1-10e2b0360d4aIEXPLORE.EXERemote address:216.58.214.169:443RequestGET /dyn-css/authorization.css?targetBlogID=896883900501233879&zx=9863af3f-6b64-4c6a-95e1-10e2b0360d4a HTTP/1.1
Accept: text/css, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 01 Jan 2025 23:28:08 GMT
Last-Modified: Wed, 01 Jan 2025 23:28:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttps://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389IEXPLORE.EXERemote address:216.58.214.169:443RequestGET /comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Moved Temporarily
Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 01 Jan 2025 23:28:09 GMT
Expires: Wed, 01 Jan 2025 23:28:09 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
Remote address:216.58.214.169:443RequestGET /img/share_buttons_20_3.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 5080
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Dec 2024 08:28:15 GMT
Expires: Sat, 04 Jan 2025 08:28:15 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 27 Dec 2024 15:53:46 GMT
Content-Type: image/png
Age: 399594
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
GEThttps://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1IEXPLORE.EXERemote address:216.58.214.169:443RequestGET /comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.blogger.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 01 Jan 2025 23:28:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: S=blogger=h0aYHlQcQEnEpijAKKGRHjDjPjuFK12fw93Zn8X8z5M; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding: chunked
-
GEThttp://3.bp.blogspot.com/-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1000574_409215192515738_1825340140_n.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 11968
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4a"
Content-Type: image/png
Vary: Origin
Age: 2
-
GEThttp://3.bp.blogspot.com/-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1240157_417856921651565_648629685_n.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4674
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v70"
Content-Type: image/jpeg
Vary: Origin
Age: 2
-
GEThttp://3.bp.blogspot.com/-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3658
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5f"
Content-Type: image/jpeg
Vary: Origin
Age: 3
-
Remote address:172.217.20.162:80RequestGET /pagead/show_ads.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: pagead2.googlesyndication.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Wed, 01 Jan 2025 23:28:07 GMT
Expires: Wed, 01 Jan 2025 23:28:07 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 8517436246324098121
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 15483
X-XSS-Protection: 0
-
Remote address:118.139.179.30:80RequestGET /pixel.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.linkwithin.com
Connection: Keep-Alive
ResponseHTTP/1.1 404 Not Found
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
-
Remote address:216.58.214.169:80RequestGET /img/icon18_edit_allbkg.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: img2.blogblog.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Dec 2024 08:10:43 GMT
Expires: Sat, 04 Jan 2025 08:10:43 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 27 Dec 2024 15:53:46 GMT
Content-Type: image/gif
Age: 400644
-
GEThttp://2.bp.blogspot.com/-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="linkedin.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1036
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21f8"
Content-Type: image/png
Vary: Origin
Age: 3
-
GEThttp://2.bp.blogspot.com/-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gplus.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4436
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21f6"
Content-Type: image/png
Vary: Origin
Age: 3
-
GEThttp://2.bp.blogspot.com/-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="jupe(1).jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3434
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v97"
Content-Type: image/jpeg
Vary: Origin
Age: 3
-
Remote address:142.250.201.170:80RequestGET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: ajax.googleapis.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 85925
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Dec 2024 02:17:02 GMT
Expires: Sun, 28 Dec 2025 02:17:02 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 421865
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
-
GEThttp://2.bp.blogspot.com/-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4254
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v9b"
Content-Type: image/jpeg
Vary: Origin
Age: 3
-
GEThttp://4.bp.blogspot.com/-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="facebook.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 955
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21f4"
Content-Type: image/png
Vary: Origin
Age: 3
-
GEThttp://4.bp.blogspot.com/-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="twitter.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 962
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21f2"
Content-Type: image/png
Vary: Origin
Age: 3
-
GEThttp://2.bp.blogspot.com/-DnxXMaoWDD8/Ui266e8vRkI/AAAAAAAAAH8/9chAlZWGkXU/s72-c/IMG_4801(1).jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-DnxXMaoWDD8/Ui266e8vRkI/AAAAAAAAAH8/9chAlZWGkXU/s72-c/IMG_4801(1).jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="IMG_4801(1).jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2956
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v80"
Content-Type: image/jpeg
Vary: Origin
Age: 2
-
GEThttp://2.bp.blogspot.com/-u_Pb11o3ReU/UYQg8g5OHwI/AAAAAAAAIcE/EyCD1C318S4/s000/wrapper-bg.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-u_Pb11o3ReU/UYQg8g5OHwI/AAAAAAAAIcE/EyCD1C318S4/s000/wrapper-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="wrapper-bg.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 259
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21c2"
Content-Type: image/png
Vary: Origin
Age: 5
-
GEThttp://2.bp.blogspot.com/-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 2.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="comments.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 785
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21c8"
Content-Type: image/png
Vary: Origin
Age: 4
-
GEThttp://4.bp.blogspot.com/-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rss.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1517
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21fa"
Content-Type: image/png
Vary: Origin
Age: 3
-
GEThttp://4.bp.blogspot.com/-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1237172_703041469725939_854811160_n.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3519
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v84"
Content-Type: image/jpeg
Vary: Origin
Age: 3
-
GEThttp://4.bp.blogspot.com/-wiZtwnOMxbE/UhHV5vfNMoI/AAAAAAAAAEs/Vf0Rf-FiX9s/s72-c/rita-aidil-baru.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-wiZtwnOMxbE/UhHV5vfNMoI/AAAAAAAAAEs/Vf0Rf-FiX9s/s72-c/rita-aidil-baru.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rita-aidil-baru.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3817
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4c"
Content-Type: image/jpeg
Vary: Origin
Age: 2
-
GEThttp://4.bp.blogspot.com/-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
ETag: "v21d0"
Expires: Thu, 02 Jan 2025 23:28:10 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="footer-bg.png"
X-Content-Type-Options: nosniff
Date: Wed, 01 Jan 2025 23:28:10 GMT
Server: fife
Content-Length: 233
X-XSS-Protection: 0
-
GEThttp://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s1600/ATNY2.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s1600/ATNY2.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="ATNY2.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 38099
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8f"
Content-Type: image/jpeg
Vary: Origin
Age: 3
-
GEThttp://3.bp.blogspot.com/-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 3.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="category.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 690
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21ca"
Content-Type: image/png
Vary: Origin
Age: 4
-
GEThttp://4.bp.blogspot.com/-KogsprlWx6E/Ui7zLGykQdI/AAAAAAAAAIc/t85adyR7ke8/s72-c/9102013_anakannebaru-a.jpgIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-KogsprlWx6E/Ui7zLGykQdI/AAAAAAAAAIc/t85adyR7ke8/s72-c/9102013_anakannebaru-a.jpg HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="9102013_anakannebaru-a.jpg"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3182
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v88"
Content-Type: image/jpeg
Vary: Origin
Age: 2
-
GEThttp://4.bp.blogspot.com/-Bwq6mBzNOAU/UYQg76_0_CI/AAAAAAAAIb8/MkWfQIGg0V8/s000/background.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-Bwq6mBzNOAU/UYQg76_0_CI/AAAAAAAAIb8/MkWfQIGg0V8/s000/background.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="background.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 202
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21c0"
Content-Type: image/png
Vary: Origin
Age: 5
-
GEThttp://4.bp.blogspot.com/-lW9h3urNutM/UYQhDRVEHfI/AAAAAAAAIdI/5FNAaWPfVJQ/s000/search.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-lW9h3urNutM/UYQhDRVEHfI/AAAAAAAAIdI/5FNAaWPfVJQ/s000/search.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 450
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21d4"
Content-Type: image/png
Vary: Origin
Age: 5
-
GEThttp://4.bp.blogspot.com/-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 4.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="date.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 918
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:05 GMT
Expires: Thu, 02 Jan 2025 23:28:05 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21c4"
Content-Type: image/png
Vary: Origin
Age: 4
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requestc.pki.googIN AResponsec.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:142.250.179.67:80RequestGET /r/r1.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: c.pki.goog
ResponseHTTP/1.1 200 OK
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 854
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:07:48 GMT
Expires: Wed, 01 Jan 2025 23:57:48 GMT
Cache-Control: public, max-age=3000
Age: 1219
Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
Content-Type: application/pkix-crl
Vary: Accept-Encoding
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
Remote address:8.8.8.8:53Requesto.pki.googIN AResponseo.pki.googIN CNAMEpki-goog.l.google.compki-goog.l.google.comIN A142.250.179.67
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:03:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1464
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soSIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:23:01 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 308
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3DIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 22:28:42 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3566
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7EwIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:03:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1465
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZbIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 22:38:24 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 2984
-
GEThttp://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7EwIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:03:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1465
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:03:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1464
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:03:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1464
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 23:03:44 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 1464
-
GEThttp://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3DIEXPLORE.EXERemote address:142.250.179.67:80RequestGET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/6.1
Host: o.pki.goog
ResponseHTTP/1.1 200 OK
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Date: Wed, 01 Jan 2025 22:28:42 GMT
Cache-Control: public, max-age=14400
Content-Type: application/ocsp-response
Age: 3566
-
Remote address:8.8.8.8:53Request1.bp.blogspot.comIN AResponse1.bp.blogspot.comIN CNAMEphotos-ugc.l.googleusercontent.comphotos-ugc.l.googleusercontent.comIN A216.58.215.33
-
Remote address:172.217.20.163:80RequestGET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Origin: file:
Accept-Encoding: gzip, deflate
Host: fonts.gstatic.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15512
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Dec 2024 16:08:57 GMT
Expires: Sat, 27 Dec 2025 16:08:57 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
Content-Type: font/woff
Age: 458352
-
GEThttp://1.bp.blogspot.com/-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="menu-secondary-bg.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 244
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21da"
Content-Type: image/png
Vary: Origin
Age: 5
-
GEThttp://1.bp.blogspot.com/-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.pngIEXPLORE.EXERemote address:216.58.215.33:80RequestGET /-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.png HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: 1.bp.blogspot.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Timing-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="menu-secondary-separator.png"
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 197
X-XSS-Protection: 0
Date: Wed, 01 Jan 2025 23:28:04 GMT
Expires: Thu, 02 Jan 2025 23:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v21dc"
Content-Type: image/png
Vary: Origin
Age: 5
-
Remote address:8.8.8.8:53Requestwidgets.amung.usIN AResponsewidgets.amung.usIN A104.22.74.171widgets.amung.usIN A104.22.75.171widgets.amung.usIN A172.67.8.141
-
Remote address:8.8.8.8:53Requestwww.facebook.comIN AResponsewww.facebook.comIN CNAMEstar-mini.c10r.facebook.comstar-mini.c10r.facebook.comIN A157.240.221.35
-
Remote address:104.22.74.171:80RequestGET /small.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: widgets.amung.us
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 26 Dec 2024 22:59:25 GMT
etag: W/"676ddfcd-2170"
expires: Thu, 02 Jan 2025 22:53:39 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2070
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8fb648bc3bacf662-LHR
alt-svc: h3=":443"; ma=86400
-
GEThttp://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21IEXPLORE.EXERemote address:157.240.221.35:80RequestGET /plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive
ResponseHTTP/1.1 301 Moved Permanently
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 01 Jan 2025 23:28:09 GMT
Connection: keep-alive
Content-Length: 0
-
Remote address:8.8.8.8:53Requestaccounts.google.comIN AResponseaccounts.google.comIN A142.250.27.84
-
GEThttps://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21IEXPLORE.EXERemote address:157.240.221.35:443RequestGET /plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: www.facebook.com
Connection: Keep-Alive
ResponseHTTP/1.1 200 OK
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455092949859912001"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455092949859912001"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455092949859912001"}],"group":"network-errors"}
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-FB-Debug: Lg6h6ZSdjAKGz0enBbs3SCJKqBWDcXt2UgSQ7h6wUidmESxIwtQQcP6+OnHhprTBknj6MCJrvaaBY7PgVOETXg==
Date: Wed, 01 Jan 2025 23:28:10 GMT
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=42, rtx=1, c=10, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=21, ullat=0
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 0
-
GEThttps://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=trueIEXPLORE.EXERemote address:142.250.27.84:443RequestGET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Accept-Encoding: gzip, deflate
Host: accounts.google.com
Connection: Keep-Alive
ResponseHTTP/1.1 302 Found
Set-Cookie: __Host-GAPS=1:Wo1AhMd1s8RRisMOyTNblp-w6JW0Vg:mUAM2o9l72-mzWMg; Expires=Fri, 01-Jan-2027 23:28:09 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 01 Jan 2025 23:28:09 GMT
Location: https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Cross-Origin-Opener-Policy: unsafe-none
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: script-src 'nonce-ocIbzSZIldZ5OijOwUc6Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
Cross-Origin-Resource-Policy: cross-origin
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A95.100.245.144
-
Remote address:95.100.245.144:80RequestGET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Sun, 18 Aug 2024 00:23:49 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: www.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-MD5: PjrtHAukbJio72s77Ag5mA==
Last-Modified: Thu, 31 Oct 2024 23:26:09 GMT
ETag: 0x8DCFA0366D6C4CA
x-ms-request-id: 14da558d-d01e-0039-0aee-2bacf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 01 Jan 2025 23:28:38 GMT
Connection: keep-alive
TLS_version: UNKNOWN
ms-cv: CASMicrosoftCV2155b9bf.0
ms-cv-esi: CASMicrosoftCV2155b9bf.0
X-RTag: RT
-
Remote address:8.8.8.8:53Requestcrl.microsoft.comIN AResponsecrl.microsoft.comIN CNAMEcrl.www.ms.akadns.netcrl.www.ms.akadns.netIN CNAMEa1363.dscg.akamai.neta1363.dscg.akamai.netIN A88.221.134.83a1363.dscg.akamai.netIN A88.221.134.146
-
Remote address:88.221.134.83:80RequestGET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
Connection: Keep-Alive
Accept: */*
If-Modified-Since: Thu, 26 Sep 2024 02:21:11 GMT
User-Agent: Microsoft-CryptoAPI/6.1
Host: crl.microsoft.com
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-MD5: +oTkvMkqpdtzWrUHEQQM3g==
Last-Modified: Thu, 12 Dec 2024 00:06:56 GMT
ETag: 0x8DD1A40E476D877
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 729f9bbc-001e-0005-142b-4c8531000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 01 Jan 2025 23:28:38 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A95.100.245.144
-
Remote address:8.8.8.8:53Requestwww.microsoft.comIN AResponsewww.microsoft.comIN CNAMEwww.microsoft.com-c-3.edgekey.netwww.microsoft.com-c-3.edgekey.netIN CNAMEwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netwww.microsoft.com-c-3.edgekey.net.globalredir.akadns.netIN CNAMEe13678.dscb.akamaiedge.nete13678.dscb.akamaiedge.netIN A95.100.245.144
-
216.58.215.33:80http://3.bp.blogspot.com/-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.pnghttpIEXPLORE.EXE650 B 1.8kB 7 5
HTTP Request
GET http://3.bp.blogspot.com/-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.pngHTTP Response
200 -
142.250.179.78:443https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scstls, httpIEXPLORE.EXE3.7kB 105.9kB 50 84
HTTP Request
GET https://apis.google.com/js/plusone.jsHTTP Response
200HTTP Request
GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scsHTTP Response
200HTTP Request
GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scsHTTP Response
200 -
216.58.215.33:80http://3.bp.blogspot.com/-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.pnghttpIEXPLORE.EXE1.1kB 6.3kB 10 10
HTTP Request
GET http://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s72-c/ATNY2.jpgHTTP Response
200HTTP Request
GET http://3.bp.blogspot.com/-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.pngHTTP Response
200 -
764 B 679 B 11 4
HTTP Request
GET http://www.linkwithin.com/widget.jsHTTP Response
404 -
142.250.201.170:443https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.jstls, httpIEXPLORE.EXE1.8kB 41.6kB 25 36
HTTP Request
GET https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.jsHTTP Response
200 -
995 B 25.9kB 16 22
HTTP Request
GET http://apis.google.com/js/plusone.jsHTTP Response
200 -
524 B 946 B 6 5
HTTP Request
GET http://fonts.googleapis.com/css?family=OswaldHTTP Response
200 -
216.58.214.169:443https://www.blogger.com/static/v1/jsbin/2517944472-comment_from_post_iframe.jstls, httpIEXPLORE.EXE1.6kB 19.8kB 15 19
HTTP Request
GET https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.cssHTTP Response
200HTTP Request
GET https://www.blogger.com/static/v1/jsbin/2517944472-comment_from_post_iframe.jsHTTP Response
200 -
614 B 4.5kB 7 8
-
216.58.214.169:443https://www.blogger.com/static/v1/widgets/2918676466-widgets.jstls, httpIEXPLORE.EXE2.0kB 65.5kB 31 52
HTTP Request
GET https://www.blogger.com/static/v1/widgets/2918676466-widgets.jsHTTP Response
200 -
216.58.214.169:443https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1tls, httpIEXPLORE.EXE2.6kB 16.9kB 19 27
HTTP Request
GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=896883900501233879&zx=9863af3f-6b64-4c6a-95e1-10e2b0360d4aHTTP Response
200HTTP Request
GET https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389HTTP Response
302HTTP Request
GET https://www.blogger.com/img/share_buttons_20_3.pngHTTP Response
200HTTP Request
GET https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1HTTP Response
200 -
710 B 4.9kB 9 9
-
216.58.215.33:80http://3.bp.blogspot.com/-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.pnghttpIEXPLORE.EXE866 B 13.0kB 11 13
HTTP Request
GET http://3.bp.blogspot.com/-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.pngHTTP Response
200 -
216.58.215.33:80http://3.bp.blogspot.com/-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpghttpIEXPLORE.EXE681 B 5.4kB 7 7
HTTP Request
GET http://3.bp.blogspot.com/-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpgHTTP Response
200 -
216.58.215.33:80http://3.bp.blogspot.com/-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpghttpIEXPLORE.EXE677 B 4.4kB 7 7
HTTP Request
GET http://3.bp.blogspot.com/-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpgHTTP Response
200 -
830 B 16.7kB 12 15
HTTP Request
GET http://pagead2.googlesyndication.com/pagead/show_ads.jsHTTP Response
200 -
781 B 679 B 11 4
HTTP Request
GET http://www.linkwithin.com/pixel.pngHTTP Response
404 -
665 B 1.7kB 8 5
HTTP Request
GET http://img2.blogblog.com/img/icon18_edit_allbkg.gifHTTP Response
200 -
190 B 92 B 4 2
-
236 B 92 B 5 2
-
216.58.215.33:80http://2.bp.blogspot.com/-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.pnghttpIEXPLORE.EXE653 B 1.7kB 7 5
HTTP Request
GET http://2.bp.blogspot.com/-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.pngHTTP Response
200 -
216.58.215.33:80http://2.bp.blogspot.com/-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.pnghttpIEXPLORE.EXE696 B 5.2kB 8 7
HTTP Request
GET http://2.bp.blogspot.com/-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.pngHTTP Response
200 -
216.58.215.33:80http://2.bp.blogspot.com/-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpghttpIEXPLORE.EXE699 B 4.1kB 8 6
HTTP Request
GET http://2.bp.blogspot.com/-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpgHTTP Response
200 -
142.250.201.170:80http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.jshttpIEXPLORE.EXE2.0kB 89.5kB 38 67
HTTP Request
GET http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.jsHTTP Response
200 -
216.58.215.33:80http://2.bp.blogspot.com/-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpghttpIEXPLORE.EXE679 B 5.0kB 7 7
HTTP Request
GET http://2.bp.blogspot.com/-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpgHTTP Response
200 -
216.58.215.33:80http://4.bp.blogspot.com/-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.pnghttpIEXPLORE.EXE653 B 1.6kB 7 5
HTTP Request
GET http://4.bp.blogspot.com/-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.pngHTTP Response
200 -
216.58.215.33:80http://4.bp.blogspot.com/-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.pnghttpIEXPLORE.EXE652 B 1.6kB 7 5
HTTP Request
GET http://4.bp.blogspot.com/-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.pngHTTP Response
200 -
216.58.215.33:80http://2.bp.blogspot.com/-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.pnghttpIEXPLORE.EXE1.5kB 5.7kB 11 8
HTTP Request
GET http://2.bp.blogspot.com/-DnxXMaoWDD8/Ui266e8vRkI/AAAAAAAAAH8/9chAlZWGkXU/s72-c/IMG_4801(1).jpgHTTP Response
200HTTP Request
GET http://2.bp.blogspot.com/-u_Pb11o3ReU/UYQg8g5OHwI/AAAAAAAAIcE/EyCD1C318S4/s000/wrapper-bg.pngHTTP Response
200HTTP Request
GET http://2.bp.blogspot.com/-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.pngHTTP Response
200 -
216.58.215.33:80http://4.bp.blogspot.com/-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.pnghttpIEXPLORE.EXE648 B 2.2kB 7 5
HTTP Request
GET http://4.bp.blogspot.com/-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.pngHTTP Response
200 -
216.58.215.33:80http://4.bp.blogspot.com/-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpghttpIEXPLORE.EXE727 B 4.3kB 8 6
HTTP Request
GET http://4.bp.blogspot.com/-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpgHTTP Response
200 -
216.58.215.33:80http://4.bp.blogspot.com/-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.pnghttpIEXPLORE.EXE1.2kB 6.1kB 11 10
HTTP Request
GET http://4.bp.blogspot.com/-wiZtwnOMxbE/UhHV5vfNMoI/AAAAAAAAAEs/Vf0Rf-FiX9s/s72-c/rita-aidil-baru.jpgHTTP Response
200HTTP Request
GET http://4.bp.blogspot.com/-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.pngHTTP Response
200 -
190 B 92 B 4 2
-
190 B 92 B 4 2
-
216.58.215.33:80http://3.bp.blogspot.com/-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.pnghttpIEXPLORE.EXE1.8kB 41.0kB 24 33
HTTP Request
GET http://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s1600/ATNY2.jpgHTTP Response
200HTTP Request
GET http://3.bp.blogspot.com/-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.pngHTTP Response
200 -
216.58.215.33:80http://4.bp.blogspot.com/-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.pnghttpIEXPLORE.EXE1.9kB 7.0kB 13 10
HTTP Request
GET http://4.bp.blogspot.com/-KogsprlWx6E/Ui7zLGykQdI/AAAAAAAAAIc/t85adyR7ke8/s72-c/9102013_anakannebaru-a.jpgHTTP Response
200HTTP Request
GET http://4.bp.blogspot.com/-Bwq6mBzNOAU/UYQg76_0_CI/AAAAAAAAIb8/MkWfQIGg0V8/s000/background.pngHTTP Response
200HTTP Request
GET http://4.bp.blogspot.com/-lW9h3urNutM/UYQhDRVEHfI/AAAAAAAAIdI/5FNAaWPfVJQ/s000/search.pngHTTP Response
200HTTP Request
GET http://4.bp.blogspot.com/-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.pngHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
348 B 1.7kB 5 4
HTTP Request
GET http://c.pki.goog/r/r1.crlHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soShttpIEXPLORE.EXE842 B 3.1kB 8 7
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soSHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7EwhttpIEXPLORE.EXE886 B 3.1kB 9 6
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3DHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7EwHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7EwhttpIEXPLORE.EXE888 B 3.1kB 9 6
HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZbHTTP Response
200HTTP Request
GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7EwHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DhttpIEXPLORE.EXE464 B 844 B 5 3
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DhttpIEXPLORE.EXE464 B 844 B 5 3
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DhttpIEXPLORE.EXE470 B 1.6kB 5 4
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3DHTTP Response
200 -
142.250.179.67:80http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3DhttpIEXPLORE.EXE470 B 1.6kB 5 4
HTTP Request
GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3DHTTP Response
200 -
190 B 92 B 4 2
-
172.217.20.163:80http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woffhttpIEXPLORE.EXE841 B 16.9kB 12 15
HTTP Request
GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woffHTTP Response
200 -
216.58.215.33:80http://1.bp.blogspot.com/-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.pnghttpIEXPLORE.EXE668 B 1.6kB 7 5
HTTP Request
GET http://1.bp.blogspot.com/-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.pngHTTP Response
200 -
216.58.215.33:80http://1.bp.blogspot.com/-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.pnghttpIEXPLORE.EXE675 B 1.5kB 7 5
HTTP Request
GET http://1.bp.blogspot.com/-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.pngHTTP Response
200 -
466 B 92 B 10 2
-
577 B 4.3kB 7 7
HTTP Request
GET http://widgets.amung.us/small.jsHTTP Response
200 -
144 B 92 B 3 2
-
157.240.221.35:80http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21httpIEXPLORE.EXE686 B 918 B 6 5
HTTP Request
GET http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21HTTP Response
301 -
157.240.221.35:443https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21tls, httpIEXPLORE.EXE1.2kB 7.6kB 11 13
HTTP Request
GET https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21HTTP Response
200 -
756 B 4.6kB 10 9
-
142.250.27.84:443https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=truetls, httpIEXPLORE.EXE1.4kB 6.1kB 10 11
HTTP Request
GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=trueHTTP Response
302 -
393 B 1.7kB 4 4
HTTP Request
GET http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crlHTTP Response
200 -
399 B 1.7kB 4 4
HTTP Request
GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crlHTTP Response
200 -
753 B 7.9kB 9 13
-
799 B 7.9kB 10 13
-
781 B 7.9kB 9 13
-
63 B 124 B 1 1
DNS Request
3.bp.blogspot.com
DNS Response
216.58.215.33
-
61 B 108 B 1 1
DNS Request
www.blogger.com
DNS Response
216.58.214.169
-
61 B 98 B 1 1
DNS Request
apis.google.com
DNS Response
142.250.179.78
-
65 B 81 B 1 1
DNS Request
ajax.googleapis.com
DNS Response
142.250.201.170
-
63 B 110 B 1 1
DNS Request
img2.blogblog.com
DNS Response
216.58.214.169
-
64 B 94 B 1 1
DNS Request
www.linkwithin.com
DNS Response
118.139.179.30
-
63 B 124 B 1 1
DNS Request
4.bp.blogspot.com
DNS Response
216.58.215.33
-
63 B 124 B 1 1
DNS Request
2.bp.blogspot.com
DNS Response
216.58.215.33
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
c.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.179.67
-
56 B 107 B 1 1
DNS Request
o.pki.goog
DNS Response
142.250.179.67
-
63 B 124 B 1 1
DNS Request
1.bp.blogspot.com
DNS Response
216.58.215.33
-
62 B 110 B 1 1
DNS Request
widgets.amung.us
DNS Response
104.22.74.171104.22.75.171172.67.8.141
-
62 B 107 B 1 1
DNS Request
www.facebook.com
DNS Response
157.240.221.35
-
65 B 81 B 1 1
DNS Request
accounts.google.com
DNS Response
142.250.27.84
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
95.100.245.144
-
63 B 162 B 1 1
DNS Request
crl.microsoft.com
DNS Response
88.221.134.8388.221.134.146
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
95.100.245.144
-
63 B 230 B 1 1
DNS Request
www.microsoft.com
DNS Response
95.100.245.144
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
854B
MD5e935bc5762068caf3e24a2683b1b8a88
SHA182b70eb774c0756837fe8d7acbfeec05ecbf5463
SHA256a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d
SHA512bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
Filesize1KB
MD56e43655cde9d995771bae17b48841830
SHA1493b3fd6809f71382a4b91be21a206f282b791f1
SHA25684d3e8ea78c23c02216d90acff5e27ad83ad91b75e20c8fd466248d8b9b1bf6f
SHA512aafba1acfa6c6f2b2268d981b8bffd70c54f7d3c096e6746560449eec847cd21e2ec81b5b12199399e4dae6f4d64d391c88a3950e7cfbdb4dfc004d52940bdf0
-
Filesize
914B
MD5e4a68ac854ac5242460afd72481b2a44
SHA1df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA5125622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5
-
Filesize
1KB
MD5a266bb7dcc38a562631361bbf61dd11b
SHA13b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA5120da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
Filesize252B
MD54893d6b6eb9059afd0fede5f4ed3af14
SHA1a2385f98239432eb5447a5910220ec135b475c13
SHA25617c4d63b642e89fa282f9c6ef9d3dd857b6af45e23f92f169d4a9ed5a7e2248b
SHA5129b6b8c89f35fa6912ddc67cd2f917616aa739156ac6839fb2a608307660a8f0e37fa3c4f1829bd7b1991c375ad04264915ab0a32fe172df581290beb17719296
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5fbe8f1b1ea3a1899b3fef29bbdbf3317
SHA1ffaf83308572e79803a1f8f3b745d809a0aab2b1
SHA2561e259225aacf34797bb7a5aa153aa05eb07fb2b3bcf5ffa4059ec95c39e2eba8
SHA5128a03adfc9e198a239aae74ca8d9c15baecc530e70075166f394bcefc017c8a9de0332b228c493cdb0305ab5ee006a555be9cb6a3af9ae476c986c15e8ac0c4b0
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5bfa3449672caf1c3642e963d3cc331ea
SHA12af26854939f13ac6e41f2c47357c4e9809eda0e
SHA25660738800e98941a52a15d5bdcd369e0f50d3e6f61b9c872b9351479575e9b50f
SHA51283eb114d279aa6d2200f6586ea8586d98fd8cbe378dd749e9aa7c4e105ce18ff9c428b6ce1f080444c9ce07317d2c8741636f9bf38ffed8ce7a54917c634f2b8
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5fd2022791e17b88ae738996cb52261aa
SHA1e6c999a85832d7e2642176ed08ac169455af6d43
SHA2566b4db258ac09e049938e5f91137f5543dedb0f55eb6bd7284aa1cb56b6a94da4
SHA512564624669fbbb8efffbdd895ec4ea63bc25e2dc39809b06aaf23b91c4e99c9e12f12c59f7ba964290a3921076007f533d10202735a17445e7814d3746561a854
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD59f05b26fc71e94424339d5e33dafeab1
SHA1ce7111437fe688023016aaf9feb58be4371bde8f
SHA256610d8e16346cc1ed293fc9b02b2782731c658c8bd689a650325e60a5606d79d2
SHA512ef384547b785dfb44f5abd453784bbd72d87339b9d7fd1b062a1a8d617cf8f4b96e7b611e7b22a6d0edd89af7ef9dfdd50e4cf83dd7470acba84ec2017d1b53d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD546f99aad936d363734b93da2495ed04d
SHA11ddc13dc99c7db8288eea600bbad567732798b36
SHA256d07004c6e28c66793f98fb9c9311c38199ac597648dc9d4046aa53106857ef60
SHA51258b88d7ffd862a3508eb49dcfd1b2aa7df96e525512a4fc6978e6242929dcc84f78516b6cec73e188a2ed5ae2dcb72ecca3b2a0098e0227cfe83612526cec3ba
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5e3d0fc4df76dea66521ca7f3cc022140
SHA180aa35358197fe47ffbbbe289122e1ca2760f4a5
SHA256b8b70b32506a137bfffe0a1d599223a7abf9fda5f317f275fb58364fc0846101
SHA51252a63933df44590d569feca2a3df7ace52b7d6af19f17fbb2068785dcf9f3fb6ebdb78bcd6adb400b4b191f7c476319a329e17d9310aa752c3e75206aa143d1d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5fcce3b2e13134f58d0c66da638ee52a7
SHA15df2f2e4c0a022ad41f446ee8c02b9b6f4b3d91a
SHA2563faef70dd1c6d894984f099a1b24f85fec06610bf4d21b97189aad5c55cde151
SHA51283fec45097c6e9b3c06f5b96453c86dfb507a40ea494afdaa8da5f87815c2fe522db564776deb6cec1946a13f2dcdc940aacb5cf9e8c6234a98eeae708c1bd62
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD546d7ad2f5376d8df9367e9357df9cc53
SHA19869ab77d1d8297683bba7007e1c94e010aa7295
SHA25665e2f62be7f9098ff8e6c002ce007c1bdea282db0bccd730e19a435dd87959e5
SHA51292bb6368815ddcafd18422dbd0b87b4bcdd6768ed3c4c93c7ed79071d04b60cc55926c18e0f0bfb47badbd935021f67c94235e6945f713aef0b9e0a77b51a21b
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD57db73f7ab266ec66912004da6aa3c05a
SHA127b9c250df6c68be291e78973cae003bb3741483
SHA2562521a3eabbdfd4f86f21de1783074e83bbcf4f668a1c4691c7543987c514a2f9
SHA512399802a8aa81cd9ac0699e7d32416e0ae201030cdd70d1afd504b08cb8602985799978f9be25c9ad9f9047e4ff9bafffb4004beeb35f5f5a840ae85bc9e9a56d
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Filesize342B
MD5d7353da530933ae3df4bd56c672ba8ba
SHA1ef9d33a7510023c891256a22ffa4a6801d85c239
SHA256c6608fc86216eff4ec4891cd605b06cfc310362f99826b9c9fd11558fe9a6565
SHA51234d0bac42e6e3ad7a2d6b4b7f13758e4f7adf310e48f734e04f1a29be41e32896ec1281b0bda4df864146887d5da8bfaea01ab706f5525cd045bbd587eaa0004
-
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
Filesize242B
MD5815dfa1f96809ebe7459669e03e84875
SHA17171eda7f8c154e56695e6e6dc6aec71a9a95b86
SHA256aca983cd5384f82b54759a9863c867801c0a3d8c61d8bd89b7c1c186cd625d09
SHA512d4ae287beb263cc9c5b29cfa4b2f60f63a4d9f94a57325fcbc1c59a8e140cd25db209958f7a4c90a7304d4c14cdbfcc21a5af202390777ec46caf404e1e9da2d
-
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\plusone[1].js
Filesize62KB
MD53c91ec4a05ec32f698b60dc011298dd8
SHA1f10f0516a67aaf4590d49159cf9d36312653a55e
SHA25696b335b41362fd966c7e5e547db375ef0be7dcb2aec66bf3646782eeaed4b2cf
SHA51205345e754b39e9f83514bc3e14b52f3cbf321738fd7d973da55db99035b11b4152fedce2c203eb34376cc9e18571db514ff9fbcb4174a2dd7cca7e439cd25944
-
Filesize
70KB
MD549aebf8cbd62d92ac215b2923fb1b9f5
SHA11723be06719828dda65ad804298d0431f6aff976
SHA256b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b
-
Filesize
181KB
MD54ea6026cf93ec6338144661bf1202cd1
SHA1a1dec9044f750ad887935a01430bf49322fbdcb7
SHA2568efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA5126c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b