Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    01-01-2025 23:27

General

  • Target

    JaffaCakes118_6149f9f63d7f4c1bf629d51b47018146.html

  • Size

    84KB

  • MD5

    6149f9f63d7f4c1bf629d51b47018146

  • SHA1

    5a600807895ed1c6513f34a4b307ec8d65309785

  • SHA256

    b1f31ddfcf92547888db28725556a90129159455bcdebdabe8ce233b688193f5

  • SHA512

    b06bb7be83f774329468aed96c3010951b881087a92a9bfb366855cc8980958ced2a27be698c369575c97a01b337bbd86219cb1441793e19795c792b50fa97f7

  • SSDEEP

    1536:Z55g+xjv/XRyGXmNJUzIfVZeDliFcCHPbkwPYMorHi4X9bAb:Z55BxDAGXmNJUzmZeDliFLHPbksYTrH2

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Socgholish family
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 26 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_6149f9f63d7f4c1bf629d51b47018146.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1628
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1628 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1224

Network

  • flag-us
    DNS
    3.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    3.bp.blogspot.com
    IN A
    Response
    3.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    216.58.215.33
  • flag-us
    DNS
    www.blogger.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.blogger.com
    IN A
    Response
    www.blogger.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    216.58.214.169
  • flag-us
    DNS
    apis.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apis.google.com
    IN A
    Response
    apis.google.com
    IN CNAME
    plus.l.google.com
    plus.l.google.com
    IN A
    142.250.179.78
  • flag-us
    DNS
    ajax.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ajax.googleapis.com
    IN A
    Response
    ajax.googleapis.com
    IN A
    142.250.201.170
  • flag-us
    DNS
    img2.blogblog.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img2.blogblog.com
    IN A
    Response
    img2.blogblog.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    216.58.214.169
  • flag-us
    DNS
    www.linkwithin.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.linkwithin.com
    IN A
    Response
    www.linkwithin.com
    IN CNAME
    linkwithin.com
    linkwithin.com
    IN A
    118.139.179.30
  • flag-us
    DNS
    4.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    4.bp.blogspot.com
    IN A
    Response
    4.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    216.58.215.33
  • flag-us
    DNS
    2.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    2.bp.blogspot.com
    IN A
    Response
    2.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    216.58.215.33
  • flag-fr
    GET
    http://3.bp.blogspot.com/-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="email.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 1115
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21fc"
    Content-Type: image/png
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    https://apis.google.com/js/plusone.js
    IEXPLORE.EXE
    Remote address:
    142.250.179.78:443
    Request
    GET /js/plusone.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Wed, 01 Jan 2025 23:28:08 GMT
    Expires: Wed, 01 Jan 2025 23:28:08 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "8a9123f6cf0cb51d"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-fr
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.179.78:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 54256
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 28 Dec 2024 09:07:55 GMT
    Expires: Sun, 28 Dec 2025 09:07:55 GMT
    Cache-Control: public, max-age=31536000
    Age: 397213
    Last-Modified: Mon, 02 Dec 2024 19:38:27 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.179.78:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 14573
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 31 Dec 2024 01:50:49 GMT
    Expires: Wed, 31 Dec 2025 01:50:49 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 02 Dec 2024 19:38:27 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 164240
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    http://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s72-c/ATNY2.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s72-c/ATNY2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="ATNY2.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3975
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v8f"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://3.bp.blogspot.com/-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v21e6"
    Expires: Thu, 02 Jan 2025 23:28:09 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="tabs-bg.png"
    X-Content-Type-Options: nosniff
    Date: Wed, 01 Jan 2025 23:28:09 GMT
    Server: fife
    Content-Length: 280
    X-XSS-Protection: 0
  • flag-sg
    GET
    http://www.linkwithin.com/widget.js
    IEXPLORE.EXE
    Remote address:
    118.139.179.30:80
    Request
    GET /widget.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkwithin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 01 Jan 2025 23:28:07 GMT
    Server: Apache
    Content-Length: 315
    Keep-Alive: timeout=5
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-fr
    GET
    https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
    IEXPLORE.EXE
    Remote address:
    142.250.201.170:443
    Request
    GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 33845
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 28 Dec 2024 04:12:24 GMT
    Expires: Sun, 28 Dec 2025 04:12:24 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Age: 414944
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    http://apis.google.com/js/plusone.js
    IEXPLORE.EXE
    Remote address:
    142.250.179.78:80
    Request
    GET /js/plusone.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Content-Length: 24179
    Date: Wed, 01 Jan 2025 23:28:07 GMT
    Expires: Wed, 01 Jan 2025 23:28:07 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "8a9123f6cf0cb51d"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
  • flag-fr
    GET
    http://fonts.googleapis.com/css?family=Oswald
    IEXPLORE.EXE
    Remote address:
    142.250.201.170:80
    Request
    GET /css?family=Oswald HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: fonts.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css; charset=utf-8
    Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Expires: Wed, 01 Jan 2025 23:28:07 GMT
    Date: Wed, 01 Jan 2025 23:28:07 GMT
    Cache-Control: private, max-age=86400
    Cross-Origin-Opener-Policy: same-origin-allow-popups
    Cross-Origin-Resource-Policy: cross-origin
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-fr
    GET
    https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.css
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /static/v1/widgets/1394523530-widget_css_bundle.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 6667
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 31 Dec 2024 01:50:49 GMT
    Expires: Wed, 31 Dec 2025 01:50:49 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Fri, 12 Nov 2021 02:51:58 GMT
    Content-Type: text/css
    Vary: Accept-Encoding
    Age: 164239
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    https://www.blogger.com/static/v1/jsbin/2517944472-comment_from_post_iframe.js
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /static/v1/jsbin/2517944472-comment_from_post_iframe.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 6492
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 31 Dec 2024 02:29:51 GMT
    Expires: Wed, 31 Dec 2025 02:29:51 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 09 Nov 2021 23:04:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 161897
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    https://www.blogger.com/static/v1/widgets/2918676466-widgets.js
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /static/v1/widgets/2918676466-widgets.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 57168
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 31 Dec 2024 02:19:50 GMT
    Expires: Wed, 31 Dec 2025 02:19:50 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 18 Oct 2021 21:53:57 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 162498
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=896883900501233879&zx=9863af3f-6b64-4c6a-95e1-10e2b0360d4a
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /dyn-css/authorization.css?targetBlogID=896883900501233879&zx=9863af3f-6b64-4c6a-95e1-10e2b0360d4a HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/css; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Wed, 01 Jan 2025 23:28:08 GMT
    Last-Modified: Wed, 01 Jan 2025 23:28:08 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-fr
    GET
    https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Moved Temporarily
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true
    Content-Type: text/html; charset=UTF-8
    Content-Encoding: gzip
    Date: Wed, 01 Jan 2025 23:28:09 GMT
    Expires: Wed, 01 Jan 2025 23:28:09 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    Content-Security-Policy: frame-ancestors 'self'
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-fr
    GET
    https://www.blogger.com/img/share_buttons_20_3.png
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /img/share_buttons_20_3.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 5080
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 28 Dec 2024 08:28:15 GMT
    Expires: Sat, 04 Jan 2025 08:28:15 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 27 Dec 2024 15:53:46 GMT
    Content-Type: image/png
    Age: 399594
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-fr
    GET
    https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:443
    Request
    GET /comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/html; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Wed, 01 Jan 2025 23:28:10 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Set-Cookie: S=blogger=h0aYHlQcQEnEpijAKKGRHjDjPjuFK12fw93Zn8X8z5M; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-fr
    GET
    http://3.bp.blogspot.com/-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="1000574_409215192515738_1825340140_n.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 11968
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v4a"
    Content-Type: image/png
    Vary: Origin
    Age: 2
  • flag-fr
    GET
    http://3.bp.blogspot.com/-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="1240157_417856921651565_648629685_n.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 4674
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v70"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-fr
    GET
    http://3.bp.blogspot.com/-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3658
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v5f"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://pagead2.googlesyndication.com/pagead/show_ads.js
    IEXPLORE.EXE
    Remote address:
    172.217.20.162:80
    Request
    GET /pagead/show_ads.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: pagead2.googlesyndication.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Accept-Encoding
    Date: Wed, 01 Jan 2025 23:28:07 GMT
    Expires: Wed, 01 Jan 2025 23:28:07 GMT
    Cache-Control: private, max-age=3600
    Content-Type: text/javascript; charset=UTF-8
    ETag: 8517436246324098121
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    Content-Length: 15483
    X-XSS-Protection: 0
  • flag-sg
    GET
    http://www.linkwithin.com/pixel.png
    IEXPLORE.EXE
    Remote address:
    118.139.179.30:80
    Request
    GET /pixel.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkwithin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 01 Jan 2025 23:28:07 GMT
    Server: Apache
    Content-Length: 315
    Keep-Alive: timeout=5
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-fr
    GET
    http://img2.blogblog.com/img/icon18_edit_allbkg.gif
    IEXPLORE.EXE
    Remote address:
    216.58.214.169:80
    Request
    GET /img/icon18_edit_allbkg.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img2.blogblog.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 162
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 28 Dec 2024 08:10:43 GMT
    Expires: Sat, 04 Jan 2025 08:10:43 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 27 Dec 2024 15:53:46 GMT
    Content-Type: image/gif
    Age: 400644
  • flag-fr
    GET
    http://2.bp.blogspot.com/-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="linkedin.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 1036
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21f8"
    Content-Type: image/png
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://2.bp.blogspot.com/-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="gplus.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 4436
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21f6"
    Content-Type: image/png
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://2.bp.blogspot.com/-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="jupe(1).jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3434
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v97"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
    IEXPLORE.EXE
    Remote address:
    142.250.201.170:80
    Request
    GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 85925
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 28 Dec 2024 02:17:02 GMT
    Expires: Sun, 28 Dec 2025 02:17:02 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Age: 421865
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://2.bp.blogspot.com/-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 4254
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v9b"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://4.bp.blogspot.com/-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="facebook.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 955
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21f4"
    Content-Type: image/png
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://4.bp.blogspot.com/-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="twitter.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 962
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21f2"
    Content-Type: image/png
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://2.bp.blogspot.com/-DnxXMaoWDD8/Ui266e8vRkI/AAAAAAAAAH8/9chAlZWGkXU/s72-c/IMG_4801(1).jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-DnxXMaoWDD8/Ui266e8vRkI/AAAAAAAAAH8/9chAlZWGkXU/s72-c/IMG_4801(1).jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="IMG_4801(1).jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 2956
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v80"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-fr
    GET
    http://2.bp.blogspot.com/-u_Pb11o3ReU/UYQg8g5OHwI/AAAAAAAAIcE/EyCD1C318S4/s000/wrapper-bg.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-u_Pb11o3ReU/UYQg8g5OHwI/AAAAAAAAIcE/EyCD1C318S4/s000/wrapper-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="wrapper-bg.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 259
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21c2"
    Content-Type: image/png
    Vary: Origin
    Age: 5
  • flag-fr
    GET
    http://2.bp.blogspot.com/-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="comments.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 785
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21c8"
    Content-Type: image/png
    Vary: Origin
    Age: 4
  • flag-fr
    GET
    http://4.bp.blogspot.com/-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="rss.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 1517
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21fa"
    Content-Type: image/png
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://4.bp.blogspot.com/-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="1237172_703041469725939_854811160_n.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3519
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v84"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://4.bp.blogspot.com/-wiZtwnOMxbE/UhHV5vfNMoI/AAAAAAAAAEs/Vf0Rf-FiX9s/s72-c/rita-aidil-baru.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-wiZtwnOMxbE/UhHV5vfNMoI/AAAAAAAAAEs/Vf0Rf-FiX9s/s72-c/rita-aidil-baru.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="rita-aidil-baru.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3817
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v4c"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-fr
    GET
    http://4.bp.blogspot.com/-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "v21d0"
    Expires: Thu, 02 Jan 2025 23:28:10 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="footer-bg.png"
    X-Content-Type-Options: nosniff
    Date: Wed, 01 Jan 2025 23:28:10 GMT
    Server: fife
    Content-Length: 233
    X-XSS-Protection: 0
  • flag-fr
    GET
    http://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s1600/ATNY2.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s1600/ATNY2.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="ATNY2.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 38099
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v8f"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-fr
    GET
    http://3.bp.blogspot.com/-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="category.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 690
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21ca"
    Content-Type: image/png
    Vary: Origin
    Age: 4
  • flag-fr
    GET
    http://4.bp.blogspot.com/-KogsprlWx6E/Ui7zLGykQdI/AAAAAAAAAIc/t85adyR7ke8/s72-c/9102013_anakannebaru-a.jpg
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-KogsprlWx6E/Ui7zLGykQdI/AAAAAAAAAIc/t85adyR7ke8/s72-c/9102013_anakannebaru-a.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="9102013_anakannebaru-a.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3182
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v88"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-fr
    GET
    http://4.bp.blogspot.com/-Bwq6mBzNOAU/UYQg76_0_CI/AAAAAAAAIb8/MkWfQIGg0V8/s000/background.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-Bwq6mBzNOAU/UYQg76_0_CI/AAAAAAAAIb8/MkWfQIGg0V8/s000/background.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="background.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 202
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21c0"
    Content-Type: image/png
    Vary: Origin
    Age: 5
  • flag-fr
    GET
    http://4.bp.blogspot.com/-lW9h3urNutM/UYQhDRVEHfI/AAAAAAAAIdI/5FNAaWPfVJQ/s000/search.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-lW9h3urNutM/UYQhDRVEHfI/AAAAAAAAIdI/5FNAaWPfVJQ/s000/search.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="search.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 450
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21d4"
    Content-Type: image/png
    Vary: Origin
    Age: 5
  • flag-fr
    GET
    http://4.bp.blogspot.com/-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="date.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 918
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:05 GMT
    Expires: Thu, 02 Jan 2025 23:28:05 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21c4"
    Content-Type: image/png
    Vary: Origin
    Age: 4
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-fr
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:07:48 GMT
    Expires: Wed, 01 Jan 2025 23:57:48 GMT
    Cache-Control: public, max-age=3000
    Age: 1219
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.179.67
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:03:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1464
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:23:01 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 308
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 22:28:42 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3566
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:03:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1465
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 22:38:24 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2984
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:03:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1465
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:03:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1464
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:03:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1464
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 23:03:44 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1464
  • flag-fr
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D
    IEXPLORE.EXE
    Remote address:
    142.250.179.67:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 01 Jan 2025 22:28:42 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 3566
  • flag-us
    DNS
    1.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    1.bp.blogspot.com
    IN A
    Response
    1.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    216.58.215.33
  • flag-fr
    GET
    http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff
    IEXPLORE.EXE
    Remote address:
    172.217.20.163:80
    Request
    GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Origin: file:
    Accept-Encoding: gzip, deflate
    Host: fonts.gstatic.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
    Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
    Timing-Allow-Origin: *
    Content-Length: 15512
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 27 Dec 2024 16:08:57 GMT
    Expires: Sat, 27 Dec 2025 16:08:57 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 15 Aug 2023 18:49:40 GMT
    Content-Type: font/woff
    Age: 458352
  • flag-fr
    GET
    http://1.bp.blogspot.com/-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="menu-secondary-bg.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 244
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21da"
    Content-Type: image/png
    Vary: Origin
    Age: 5
  • flag-fr
    GET
    http://1.bp.blogspot.com/-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.png
    IEXPLORE.EXE
    Remote address:
    216.58.215.33:80
    Request
    GET /-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 1.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="menu-secondary-separator.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 197
    X-XSS-Protection: 0
    Date: Wed, 01 Jan 2025 23:28:04 GMT
    Expires: Thu, 02 Jan 2025 23:28:04 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v21dc"
    Content-Type: image/png
    Vary: Origin
    Age: 5
  • flag-us
    DNS
    widgets.amung.us
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    widgets.amung.us
    IN A
    Response
    widgets.amung.us
    IN A
    104.22.74.171
    widgets.amung.us
    IN A
    104.22.75.171
    widgets.amung.us
    IN A
    172.67.8.141
  • flag-us
    DNS
    www.facebook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.facebook.com
    IN A
    Response
    www.facebook.com
    IN CNAME
    star-mini.c10r.facebook.com
    star-mini.c10r.facebook.com
    IN A
    157.240.221.35
  • flag-us
    GET
    http://widgets.amung.us/small.js
    IEXPLORE.EXE
    Remote address:
    104.22.74.171:80
    Request
    GET /small.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: widgets.amung.us
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Wed, 01 Jan 2025 23:28:09 GMT
    Content-Type: application/x-javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    last-modified: Thu, 26 Dec 2024 22:59:25 GMT
    etag: W/"676ddfcd-2170"
    expires: Thu, 02 Jan 2025 22:53:39 GMT
    cache-control: max-age=86400
    access-control-allow-origin: *
    content-encoding: gzip
    CF-Cache-Status: HIT
    Age: 2070
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8fb648bc3bacf662-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-gb
    GET
    http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
    IEXPLORE.EXE
    Remote address:
    157.240.221.35:80
    Request
    GET /plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
    Content-Type: text/plain
    Server: proxygen-bolt
    Date: Wed, 01 Jan 2025 23:28:09 GMT
    Connection: keep-alive
    Content-Length: 0
  • flag-us
    DNS
    accounts.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    accounts.google.com
    IN A
    Response
    accounts.google.com
    IN A
    142.250.27.84
  • flag-gb
    GET
    https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
    IEXPLORE.EXE
    Remote address:
    157.240.221.35:443
    Request
    GET /plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html;charset=utf-8
    Pragma: no-cache
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455092949859912001"
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455092949859912001"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455092949859912001"}],"group":"network-errors"}
    nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    X-FB-Debug: Lg6h6ZSdjAKGz0enBbs3SCJKqBWDcXt2UgSQ7h6wUidmESxIwtQQcP6+OnHhprTBknj6MCJrvaaBY7PgVOETXg==
    Date: Wed, 01 Jan 2025 23:28:10 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=42, rtx=1, c=10, mss=1357, tbw=3222, tp=-1, tpl=-1, uplat=21, ullat=0
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 0
  • flag-nl
    GET
    https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true
    IEXPLORE.EXE
    Remote address:
    142.250.27.84:443
    Request
    GET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: accounts.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    Content-Type: application/binary
    Set-Cookie: __Host-GAPS=1:Wo1AhMd1s8RRisMOyTNblp-w6JW0Vg:mUAM2o9l72-mzWMg; Expires=Fri, 01-Jan-2027 23:28:09 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Wed, 01 Jan 2025 23:28:09 GMT
    Location: https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1
    Strict-Transport-Security: max-age=31536000; includeSubDomains
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Cross-Origin-Opener-Policy: unsafe-none
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    Content-Security-Policy: script-src 'nonce-ocIbzSZIldZ5OijOwUc6Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self'
    Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
    Cross-Origin-Resource-Policy: cross-origin
    Server: ESF
    Content-Length: 0
    X-XSS-Protection: 0
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-gb
    GET
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    Remote address:
    95.100.245.144:80
    Request
    GET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Sun, 18 Aug 2024 00:23:49 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: www.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1078
    Content-Type: application/octet-stream
    Content-MD5: PjrtHAukbJio72s77Ag5mA==
    Last-Modified: Thu, 31 Oct 2024 23:26:09 GMT
    ETag: 0x8DCFA0366D6C4CA
    x-ms-request-id: 14da558d-d01e-0039-0aee-2bacf6000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Wed, 01 Jan 2025 23:28:38 GMT
    Connection: keep-alive
    TLS_version: UNKNOWN
    ms-cv: CASMicrosoftCV2155b9bf.0
    ms-cv-esi: CASMicrosoftCV2155b9bf.0
    X-RTag: RT
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    88.221.134.83
    a1363.dscg.akamai.net
    IN A
    88.221.134.146
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    88.221.134.83:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 26 Sep 2024 02:21:11 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: +oTkvMkqpdtzWrUHEQQM3g==
    Last-Modified: Thu, 12 Dec 2024 00:06:56 GMT
    ETag: 0x8DD1A40E476D877
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: 729f9bbc-001e-0005-142b-4c8531000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Wed, 01 Jan 2025 23:28:38 GMT
    Connection: keep-alive
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • flag-us
    DNS
    www.microsoft.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    95.100.245.144
  • 216.58.215.33:80
    http://3.bp.blogspot.com/-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.png
    http
    IEXPLORE.EXE
    650 B
    1.8kB
    7
    5

    HTTP Request

    GET http://3.bp.blogspot.com/-Krn0dLFXIDQ/UYQhQ3-skII/AAAAAAAAIfs/qAnJ0smJSXQ/s000/email.png

    HTTP Response

    200
  • 142.250.179.78:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs
    tls, http
    IEXPLORE.EXE
    3.7kB
    105.9kB
    50
    84

    HTTP Request

    GET https://apis.google.com/js/plusone.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_0?le=scs

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.eXGUr_3hPjA.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-g8reFxkIuQ1pTpW4rHM0-Devz-A/cb=gapi.loaded_1?le=scs

    HTTP Response

    200
  • 216.58.215.33:80
    http://3.bp.blogspot.com/-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.png
    http
    IEXPLORE.EXE
    1.1kB
    6.3kB
    10
    10

    HTTP Request

    GET http://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s72-c/ATNY2.jpg

    HTTP Response

    200

    HTTP Request

    GET http://3.bp.blogspot.com/-edLIJwCUUfg/UYQhIn_nrhI/AAAAAAAAIeU/NgaE0a3GPho/s000/tabs-bg.png

    HTTP Response

    200
  • 118.139.179.30:80
    http://www.linkwithin.com/widget.js
    http
    IEXPLORE.EXE
    764 B
    679 B
    11
    4

    HTTP Request

    GET http://www.linkwithin.com/widget.js

    HTTP Response

    404
  • 142.250.201.170:443
    https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
    tls, http
    IEXPLORE.EXE
    1.8kB
    41.6kB
    25
    36

    HTTP Request

    GET https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

    HTTP Response

    200
  • 142.250.179.78:80
    http://apis.google.com/js/plusone.js
    http
    IEXPLORE.EXE
    995 B
    25.9kB
    16
    22

    HTTP Request

    GET http://apis.google.com/js/plusone.js

    HTTP Response

    200
  • 142.250.201.170:80
    http://fonts.googleapis.com/css?family=Oswald
    http
    IEXPLORE.EXE
    524 B
    946 B
    6
    5

    HTTP Request

    GET http://fonts.googleapis.com/css?family=Oswald

    HTTP Response

    200
  • 216.58.214.169:443
    https://www.blogger.com/static/v1/jsbin/2517944472-comment_from_post_iframe.js
    tls, http
    IEXPLORE.EXE
    1.6kB
    19.8kB
    15
    19

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.css

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/static/v1/jsbin/2517944472-comment_from_post_iframe.js

    HTTP Response

    200
  • 216.58.214.169:443
    www.blogger.com
    tls
    IEXPLORE.EXE
    614 B
    4.5kB
    7
    8
  • 216.58.214.169:443
    https://www.blogger.com/static/v1/widgets/2918676466-widgets.js
    tls, http
    IEXPLORE.EXE
    2.0kB
    65.5kB
    31
    52

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/2918676466-widgets.js

    HTTP Response

    200
  • 216.58.214.169:443
    https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1
    tls, http
    IEXPLORE.EXE
    2.6kB
    16.9kB
    19
    27

    HTTP Request

    GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=896883900501233879&zx=9863af3f-6b64-4c6a-95e1-10e2b0360d4a

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389

    HTTP Response

    302

    HTTP Request

    GET https://www.blogger.com/img/share_buttons_20_3.png

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/comment-iframe.g?blogID=896883900501233879&postID=3441114013059048652&blogspotRpcToken=7657389&bpli=1

    HTTP Response

    200
  • 142.250.201.170:443
    ajax.googleapis.com
    tls
    IEXPLORE.EXE
    710 B
    4.9kB
    9
    9
  • 216.58.215.33:80
    http://3.bp.blogspot.com/-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.png
    http
    IEXPLORE.EXE
    866 B
    13.0kB
    11
    13

    HTTP Request

    GET http://3.bp.blogspot.com/-DRDSfuuwUQw/UhHVb1BBXgI/AAAAAAAAAEo/WE2Ed4xQWaw/s72-c/1000574_409215192515738_1825340140_n.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://3.bp.blogspot.com/-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpg
    http
    IEXPLORE.EXE
    681 B
    5.4kB
    7
    7

    HTTP Request

    GET http://3.bp.blogspot.com/-A-Dhf5taRnU/Ui2erh8wJWI/AAAAAAAAAG8/Yq0wLzSuTtU/s72-c/1240157_417856921651565_648629685_n.jpg

    HTTP Response

    200
  • 216.58.215.33:80
    http://3.bp.blogspot.com/-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg
    http
    IEXPLORE.EXE
    677 B
    4.4kB
    7
    7

    HTTP Request

    GET http://3.bp.blogspot.com/-2R32u7o1pRw/UhbwQLxuB7I/AAAAAAAAAF4/1xPGtqEUDqE/s72-c/AIDIL-ZAFUAN-RITA-RUDAINI-CERAI.jpg

    HTTP Response

    200
  • 172.217.20.162:80
    http://pagead2.googlesyndication.com/pagead/show_ads.js
    http
    IEXPLORE.EXE
    830 B
    16.7kB
    12
    15

    HTTP Request

    GET http://pagead2.googlesyndication.com/pagead/show_ads.js

    HTTP Response

    200
  • 118.139.179.30:80
    http://www.linkwithin.com/pixel.png
    http
    IEXPLORE.EXE
    781 B
    679 B
    11
    4

    HTTP Request

    GET http://www.linkwithin.com/pixel.png

    HTTP Response

    404
  • 216.58.214.169:80
    http://img2.blogblog.com/img/icon18_edit_allbkg.gif
    http
    IEXPLORE.EXE
    665 B
    1.7kB
    8
    5

    HTTP Request

    GET http://img2.blogblog.com/img/icon18_edit_allbkg.gif

    HTTP Response

    200
  • 172.217.20.162:80
    pagead2.googlesyndication.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 216.58.214.169:80
    img2.blogblog.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 216.58.215.33:80
    http://2.bp.blogspot.com/-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.png
    http
    IEXPLORE.EXE
    653 B
    1.7kB
    7
    5

    HTTP Request

    GET http://2.bp.blogspot.com/-OwwR07ZMvLg/UYQhPOOwEQI/AAAAAAAAIfc/lSKW0zJJ1aY/s000/linkedin.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://2.bp.blogspot.com/-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.png
    http
    IEXPLORE.EXE
    696 B
    5.2kB
    8
    7

    HTTP Request

    GET http://2.bp.blogspot.com/-4E6xibLah1M/UYQhOl314WI/AAAAAAAAIfU/qJFDdp4-xgA/s000/gplus.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://2.bp.blogspot.com/-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpg
    http
    IEXPLORE.EXE
    699 B
    4.1kB
    8
    6

    HTTP Request

    GET http://2.bp.blogspot.com/-q2y6zfaeX0M/UjHNv_y8ZDI/AAAAAAAAAJY/qt0VM0TlI8o/s72-c/jupe(1).jpg

    HTTP Response

    200
  • 142.250.201.170:80
    http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
    http
    IEXPLORE.EXE
    2.0kB
    89.5kB
    38
    67

    HTTP Request

    GET http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

    HTTP Response

    200
  • 216.58.215.33:80
    http://2.bp.blogspot.com/-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg
    http
    IEXPLORE.EXE
    679 B
    5.0kB
    7
    7

    HTTP Request

    GET http://2.bp.blogspot.com/-N6km-8UW6Vc/UkV_NRL_exI/AAAAAAAAAJo/TrWP939E88w/s72-c/xpix_gal0.pagespeed.ic.yMCvXwZwPO.jpg

    HTTP Response

    200
  • 216.58.215.33:80
    http://4.bp.blogspot.com/-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.png
    http
    IEXPLORE.EXE
    653 B
    1.6kB
    7
    5

    HTTP Request

    GET http://4.bp.blogspot.com/-YazvPOZfDJU/UYQhN11Ko2I/AAAAAAAAIfM/AQEY4Q_HPjA/s000/facebook.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://4.bp.blogspot.com/-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.png
    http
    IEXPLORE.EXE
    652 B
    1.6kB
    7
    5

    HTTP Request

    GET http://4.bp.blogspot.com/-u-tp28Udd9I/UYQhNmb7k4I/AAAAAAAAIfE/D6Iiu2abkSA/s000/twitter.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://2.bp.blogspot.com/-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.png
    http
    IEXPLORE.EXE
    1.5kB
    5.7kB
    11
    8

    HTTP Request

    GET http://2.bp.blogspot.com/-DnxXMaoWDD8/Ui266e8vRkI/AAAAAAAAAH8/9chAlZWGkXU/s72-c/IMG_4801(1).jpg

    HTTP Response

    200

    HTTP Request

    GET http://2.bp.blogspot.com/-u_Pb11o3ReU/UYQg8g5OHwI/AAAAAAAAIcE/EyCD1C318S4/s000/wrapper-bg.png

    HTTP Response

    200

    HTTP Request

    GET http://2.bp.blogspot.com/-frPNWYzkXRs/UYQg-Kwg9bI/AAAAAAAAIcc/bv1ssYTqnss/s000/comments.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://4.bp.blogspot.com/-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.png
    http
    IEXPLORE.EXE
    648 B
    2.2kB
    7
    5

    HTTP Request

    GET http://4.bp.blogspot.com/-miEE80dX7dY/UYQhP1s1jwI/AAAAAAAAIfk/7NYy8_vGvQ0/s000/rss.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://4.bp.blogspot.com/-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpg
    http
    IEXPLORE.EXE
    727 B
    4.3kB
    8
    6

    HTTP Request

    GET http://4.bp.blogspot.com/-15xFzZnJNMA/Ui7uZ1l-rAI/AAAAAAAAAIM/SLCTuYTCDNs/s72-c/1237172_703041469725939_854811160_n.jpg

    HTTP Response

    200
  • 216.58.215.33:80
    http://4.bp.blogspot.com/-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.png
    http
    IEXPLORE.EXE
    1.2kB
    6.1kB
    11
    10

    HTTP Request

    GET http://4.bp.blogspot.com/-wiZtwnOMxbE/UhHV5vfNMoI/AAAAAAAAAEs/Vf0Rf-FiX9s/s72-c/rita-aidil-baru.jpg

    HTTP Response

    200

    HTTP Request

    GET http://4.bp.blogspot.com/-Pom3P58xktY/UYQhC7uC9-I/AAAAAAAAIc8/SK4d1V0XDPg/s000/footer-bg.png

    HTTP Response

    200
  • 142.250.201.170:80
    ajax.googleapis.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 142.250.179.78:80
    apis.google.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 216.58.215.33:80
    http://3.bp.blogspot.com/-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.png
    http
    IEXPLORE.EXE
    1.8kB
    41.0kB
    24
    33

    HTTP Request

    GET http://3.bp.blogspot.com/-Wyk7_4khX7k/UjHLK_nkPhI/AAAAAAAAAI4/LIA4EY9Yru8/s1600/ATNY2.jpg

    HTTP Response

    200

    HTTP Request

    GET http://3.bp.blogspot.com/-pQJk3V96rqI/UYQg-pkX4HI/AAAAAAAAIck/qYYceBPC0VM/s000/category.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://4.bp.blogspot.com/-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.png
    http
    IEXPLORE.EXE
    1.9kB
    7.0kB
    13
    10

    HTTP Request

    GET http://4.bp.blogspot.com/-KogsprlWx6E/Ui7zLGykQdI/AAAAAAAAAIc/t85adyR7ke8/s72-c/9102013_anakannebaru-a.jpg

    HTTP Response

    200

    HTTP Request

    GET http://4.bp.blogspot.com/-Bwq6mBzNOAU/UYQg76_0_CI/AAAAAAAAIb8/MkWfQIGg0V8/s000/background.png

    HTTP Response

    200

    HTTP Request

    GET http://4.bp.blogspot.com/-lW9h3urNutM/UYQhDRVEHfI/AAAAAAAAIdI/5FNAaWPfVJQ/s000/search.png

    HTTP Response

    200

    HTTP Request

    GET http://4.bp.blogspot.com/-ZNFvado-lKw/UYQg9D_78GI/AAAAAAAAIcM/ln4KxyHm618/s000/date.png

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS
    http
    IEXPLORE.EXE
    842 B
    3.1kB
    8
    7

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew
    http
    IEXPLORE.EXE
    886 B
    3.1kB
    9
    6

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew
    http
    IEXPLORE.EXE
    888 B
    3.1kB
    9
    6

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCRwmeYBu1oKwliPgMEV7Ew

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    http
    IEXPLORE.EXE
    464 B
    844 B
    5
    3

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    http
    IEXPLORE.EXE
    464 B
    844 B
    5
    3

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    http
    IEXPLORE.EXE
    470 B
    1.6kB
    5
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D

    HTTP Response

    200
  • 142.250.179.67:80
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D
    http
    IEXPLORE.EXE
    470 B
    1.6kB
    5
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D

    HTTP Response

    200
  • 172.217.20.163:80
    fonts.gstatic.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 172.217.20.163:80
    http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff
    http
    IEXPLORE.EXE
    841 B
    16.9kB
    12
    15

    HTTP Request

    GET http://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYw.woff

    HTTP Response

    200
  • 216.58.215.33:80
    http://1.bp.blogspot.com/-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.png
    http
    IEXPLORE.EXE
    668 B
    1.6kB
    7
    5

    HTTP Request

    GET http://1.bp.blogspot.com/-kRrAzt4n09A/UYQhFDEAQOI/AAAAAAAAIdk/m3h3TLA9E2k/s000/menu-secondary-bg.png

    HTTP Response

    200
  • 216.58.215.33:80
    http://1.bp.blogspot.com/-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.png
    http
    IEXPLORE.EXE
    675 B
    1.5kB
    7
    5

    HTTP Request

    GET http://1.bp.blogspot.com/-dMs0c7VTy50/UYQhFnCbEGI/AAAAAAAAIds/uZF0bKPSe0U/s000/menu-secondary-separator.png

    HTTP Response

    200
  • 104.22.74.171:80
    widgets.amung.us
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 104.22.74.171:80
    http://widgets.amung.us/small.js
    http
    IEXPLORE.EXE
    577 B
    4.3kB
    7
    7

    HTTP Request

    GET http://widgets.amung.us/small.js

    HTTP Response

    200
  • 157.240.221.35:80
    www.facebook.com
    IEXPLORE.EXE
    144 B
    92 B
    3
    2
  • 157.240.221.35:80
    http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
    http
    IEXPLORE.EXE
    686 B
    918 B
    6
    5

    HTTP Request

    GET http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

    HTTP Response

    301
  • 157.240.221.35:443
    https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21
    tls, http
    IEXPLORE.EXE
    1.2kB
    7.6kB
    11
    13

    HTTP Request

    GET https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/SehangatAsmaraOnline&layout=button_count&show_faces=false&width=50&action=like&colorscheme=light&height=21

    HTTP Response

    200
  • 142.250.27.84:443
    accounts.google.com
    tls
    IEXPLORE.EXE
    756 B
    4.6kB
    10
    9
  • 142.250.27.84:443
    https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true
    tls, http
    IEXPLORE.EXE
    1.4kB
    6.1kB
    10
    11

    HTTP Request

    GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D896883900501233879%26postID%3D3441114013059048652%26blogspotRpcToken%3D7657389%26bpli%3D1&go=true

    HTTP Response

    302
  • 95.100.245.144:80
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    http
    393 B
    1.7kB
    4
    4

    HTTP Request

    GET http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl

    HTTP Response

    200
  • 88.221.134.83:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    399 B
    1.7kB
    4
    4

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.9kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    799 B
    7.9kB
    10
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    781 B
    7.9kB
    9
    13
  • 8.8.8.8:53
    3.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    3.bp.blogspot.com

    DNS Response

    216.58.215.33

  • 8.8.8.8:53
    www.blogger.com
    dns
    IEXPLORE.EXE
    61 B
    108 B
    1
    1

    DNS Request

    www.blogger.com

    DNS Response

    216.58.214.169

  • 8.8.8.8:53
    apis.google.com
    dns
    IEXPLORE.EXE
    61 B
    98 B
    1
    1

    DNS Request

    apis.google.com

    DNS Response

    142.250.179.78

  • 8.8.8.8:53
    ajax.googleapis.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    ajax.googleapis.com

    DNS Response

    142.250.201.170

  • 8.8.8.8:53
    img2.blogblog.com
    dns
    IEXPLORE.EXE
    63 B
    110 B
    1
    1

    DNS Request

    img2.blogblog.com

    DNS Response

    216.58.214.169

  • 8.8.8.8:53
    www.linkwithin.com
    dns
    IEXPLORE.EXE
    64 B
    94 B
    1
    1

    DNS Request

    www.linkwithin.com

    DNS Response

    118.139.179.30

  • 8.8.8.8:53
    4.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    4.bp.blogspot.com

    DNS Response

    216.58.215.33

  • 8.8.8.8:53
    2.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    2.bp.blogspot.com

    DNS Response

    216.58.215.33

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.179.67

  • 8.8.8.8:53
    1.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    1.bp.blogspot.com

    DNS Response

    216.58.215.33

  • 8.8.8.8:53
    widgets.amung.us
    dns
    IEXPLORE.EXE
    62 B
    110 B
    1
    1

    DNS Request

    widgets.amung.us

    DNS Response

    104.22.74.171
    104.22.75.171
    172.67.8.141

  • 8.8.8.8:53
    www.facebook.com
    dns
    IEXPLORE.EXE
    62 B
    107 B
    1
    1

    DNS Request

    www.facebook.com

    DNS Response

    157.240.221.35

  • 8.8.8.8:53
    accounts.google.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    accounts.google.com

    DNS Response

    142.250.27.84

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
    162 B
    1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    88.221.134.83
    88.221.134.146

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

  • 8.8.8.8:53
    www.microsoft.com
    dns
    iexplore.exe
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    95.100.245.144

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    6e43655cde9d995771bae17b48841830

    SHA1

    493b3fd6809f71382a4b91be21a206f282b791f1

    SHA256

    84d3e8ea78c23c02216d90acff5e27ad83ad91b75e20c8fd466248d8b9b1bf6f

    SHA512

    aafba1acfa6c6f2b2268d981b8bffd70c54f7d3c096e6746560449eec847cd21e2ec81b5b12199399e4dae6f4d64d391c88a3950e7cfbdb4dfc004d52940bdf0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    4893d6b6eb9059afd0fede5f4ed3af14

    SHA1

    a2385f98239432eb5447a5910220ec135b475c13

    SHA256

    17c4d63b642e89fa282f9c6ef9d3dd857b6af45e23f92f169d4a9ed5a7e2248b

    SHA512

    9b6b8c89f35fa6912ddc67cd2f917616aa739156ac6839fb2a608307660a8f0e37fa3c4f1829bd7b1991c375ad04264915ab0a32fe172df581290beb17719296

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fbe8f1b1ea3a1899b3fef29bbdbf3317

    SHA1

    ffaf83308572e79803a1f8f3b745d809a0aab2b1

    SHA256

    1e259225aacf34797bb7a5aa153aa05eb07fb2b3bcf5ffa4059ec95c39e2eba8

    SHA512

    8a03adfc9e198a239aae74ca8d9c15baecc530e70075166f394bcefc017c8a9de0332b228c493cdb0305ab5ee006a555be9cb6a3af9ae476c986c15e8ac0c4b0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bfa3449672caf1c3642e963d3cc331ea

    SHA1

    2af26854939f13ac6e41f2c47357c4e9809eda0e

    SHA256

    60738800e98941a52a15d5bdcd369e0f50d3e6f61b9c872b9351479575e9b50f

    SHA512

    83eb114d279aa6d2200f6586ea8586d98fd8cbe378dd749e9aa7c4e105ce18ff9c428b6ce1f080444c9ce07317d2c8741636f9bf38ffed8ce7a54917c634f2b8

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fd2022791e17b88ae738996cb52261aa

    SHA1

    e6c999a85832d7e2642176ed08ac169455af6d43

    SHA256

    6b4db258ac09e049938e5f91137f5543dedb0f55eb6bd7284aa1cb56b6a94da4

    SHA512

    564624669fbbb8efffbdd895ec4ea63bc25e2dc39809b06aaf23b91c4e99c9e12f12c59f7ba964290a3921076007f533d10202735a17445e7814d3746561a854

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9f05b26fc71e94424339d5e33dafeab1

    SHA1

    ce7111437fe688023016aaf9feb58be4371bde8f

    SHA256

    610d8e16346cc1ed293fc9b02b2782731c658c8bd689a650325e60a5606d79d2

    SHA512

    ef384547b785dfb44f5abd453784bbd72d87339b9d7fd1b062a1a8d617cf8f4b96e7b611e7b22a6d0edd89af7ef9dfdd50e4cf83dd7470acba84ec2017d1b53d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46f99aad936d363734b93da2495ed04d

    SHA1

    1ddc13dc99c7db8288eea600bbad567732798b36

    SHA256

    d07004c6e28c66793f98fb9c9311c38199ac597648dc9d4046aa53106857ef60

    SHA512

    58b88d7ffd862a3508eb49dcfd1b2aa7df96e525512a4fc6978e6242929dcc84f78516b6cec73e188a2ed5ae2dcb72ecca3b2a0098e0227cfe83612526cec3ba

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e3d0fc4df76dea66521ca7f3cc022140

    SHA1

    80aa35358197fe47ffbbbe289122e1ca2760f4a5

    SHA256

    b8b70b32506a137bfffe0a1d599223a7abf9fda5f317f275fb58364fc0846101

    SHA512

    52a63933df44590d569feca2a3df7ace52b7d6af19f17fbb2068785dcf9f3fb6ebdb78bcd6adb400b4b191f7c476319a329e17d9310aa752c3e75206aa143d1d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fcce3b2e13134f58d0c66da638ee52a7

    SHA1

    5df2f2e4c0a022ad41f446ee8c02b9b6f4b3d91a

    SHA256

    3faef70dd1c6d894984f099a1b24f85fec06610bf4d21b97189aad5c55cde151

    SHA512

    83fec45097c6e9b3c06f5b96453c86dfb507a40ea494afdaa8da5f87815c2fe522db564776deb6cec1946a13f2dcdc940aacb5cf9e8c6234a98eeae708c1bd62

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    46d7ad2f5376d8df9367e9357df9cc53

    SHA1

    9869ab77d1d8297683bba7007e1c94e010aa7295

    SHA256

    65e2f62be7f9098ff8e6c002ce007c1bdea282db0bccd730e19a435dd87959e5

    SHA512

    92bb6368815ddcafd18422dbd0b87b4bcdd6768ed3c4c93c7ed79071d04b60cc55926c18e0f0bfb47badbd935021f67c94235e6945f713aef0b9e0a77b51a21b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7db73f7ab266ec66912004da6aa3c05a

    SHA1

    27b9c250df6c68be291e78973cae003bb3741483

    SHA256

    2521a3eabbdfd4f86f21de1783074e83bbcf4f668a1c4691c7543987c514a2f9

    SHA512

    399802a8aa81cd9ac0699e7d32416e0ae201030cdd70d1afd504b08cb8602985799978f9be25c9ad9f9047e4ff9bafffb4004beeb35f5f5a840ae85bc9e9a56d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d7353da530933ae3df4bd56c672ba8ba

    SHA1

    ef9d33a7510023c891256a22ffa4a6801d85c239

    SHA256

    c6608fc86216eff4ec4891cd605b06cfc310362f99826b9c9fd11558fe9a6565

    SHA512

    34d0bac42e6e3ad7a2d6b4b7f13758e4f7adf310e48f734e04f1a29be41e32896ec1281b0bda4df864146887d5da8bfaea01ab706f5525cd045bbd587eaa0004

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    815dfa1f96809ebe7459669e03e84875

    SHA1

    7171eda7f8c154e56695e6e6dc6aec71a9a95b86

    SHA256

    aca983cd5384f82b54759a9863c867801c0a3d8c61d8bd89b7c1c186cd625d09

    SHA512

    d4ae287beb263cc9c5b29cfa4b2f60f63a4d9f94a57325fcbc1c59a8e140cd25db209958f7a4c90a7304d4c14cdbfcc21a5af202390777ec46caf404e1e9da2d

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\plusone[1].js

    Filesize

    62KB

    MD5

    3c91ec4a05ec32f698b60dc011298dd8

    SHA1

    f10f0516a67aaf4590d49159cf9d36312653a55e

    SHA256

    96b335b41362fd966c7e5e547db375ef0be7dcb2aec66bf3646782eeaed4b2cf

    SHA512

    05345e754b39e9f83514bc3e14b52f3cbf321738fd7d973da55db99035b11b4152fedce2c203eb34376cc9e18571db514ff9fbcb4174a2dd7cca7e439cd25944

  • C:\Users\Admin\AppData\Local\Temp\CabA43D.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\TarA51A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.