Analysis

  • max time kernel
    72s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2025 00:00

General

  • Target

    JaffaCakes118_b3e435707172f7227f7e0cc676c56272.html

  • Size

    96KB

  • MD5

    b3e435707172f7227f7e0cc676c56272

  • SHA1

    60b0f2311de0c435aae24d2cf595dd24e94dfdf5

  • SHA256

    53fc7929246510223b3b017841a1dbdf45666e45342bc40e728cf8904e025350

  • SHA512

    0246e9fedbc35cefb8cec0046cecdffa3ef4ac3db5946ae887adea2c7531c04677f739fabeda1b8d494ba15f5b94921beab4e1f2c4a4f2688d758a927e0dd18c

  • SSDEEP

    3072:SyY8Njz2S81Ep2wvbe9FNa+l/eDkwlXJ2l/esRDyh42sN1rM:48RAp1g9

Malware Config

Signatures

  • SocGholish

    SocGholish is a JavaScript payload that downloads other malware.

  • Socgholish family
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_b3e435707172f7227f7e0cc676c56272.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2388
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2388 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1044

Network

  • flag-us
    DNS
    layanan.oposisi.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    layanan.oposisi.net
    IN A
    Response
  • flag-us
    DNS
    yourjavascript.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    yourjavascript.com
    IN A
    Response
    yourjavascript.com
    IN A
    76.223.54.146
    yourjavascript.com
    IN A
    13.248.169.48
  • flag-us
    DNS
    www.blogger.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.blogger.com
    IN A
    Response
    www.blogger.com
    IN CNAME
    blogger.l.google.com
    blogger.l.google.com
    IN A
    142.250.179.233
  • flag-us
    DNS
    ajax.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ajax.googleapis.com
    IN A
    Response
    ajax.googleapis.com
    IN A
    172.217.16.234
  • flag-us
    DNS
    dinhquanghuy.110mb.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    dinhquanghuy.110mb.com
    IN A
    Response
  • flag-us
    DNS
    2.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    2.bp.blogspot.com
    IN A
    Response
    2.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    apis.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    apis.google.com
    IN A
    Response
    apis.google.com
    IN CNAME
    plus.l.google.com
    plus.l.google.com
    IN A
    142.250.178.14
  • flag-us
    DNS
    adsensecamp.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    adsensecamp.com
    IN A
    Response
    adsensecamp.com
    IN A
    103.30.145.12
  • flag-us
    DNS
    feeds.feedburner.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    feeds.feedburner.com
    IN A
    Response
    feeds.feedburner.com
    IN CNAME
    www4.l.google.com
    www4.l.google.com
    IN A
    216.58.212.206
  • flag-us
    DNS
    www.linkwithin.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.linkwithin.com
    IN A
    Response
    www.linkwithin.com
    IN CNAME
    linkwithin.com
    linkwithin.com
    IN A
    118.139.179.30
  • flag-us
    DNS
    lh5.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh5.googleusercontent.com
    IN A
    Response
    lh5.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    142.250.200.33
  • flag-us
    DNS
    4.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    4.bp.blogspot.com
    IN A
    Response
    4.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-us
    DNS
    lh3.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh3.googleusercontent.com
    IN A
    Response
    lh3.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    142.250.200.33
  • flag-us
    DNS
    3.bp.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    3.bp.blogspot.com
    IN A
    Response
    3.bp.blogspot.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/3100690138-widgets.js
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /static/v1/widgets/3100690138-widgets.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 52186
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Mon, 06 Jan 2025 02:26:14 GMT
    Expires: Tue, 06 Jan 2026 02:26:14 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 06 Jan 2025 00:50:23 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 250509
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/img/share_buttons_20_3.png
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /img/share_buttons_20_3.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 5080
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 Jan 2025 17:43:00 GMT
    Expires: Sat, 11 Jan 2025 17:43:00 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 03 Jan 2025 19:54:21 GMT
    Content-Type: image/png
    Age: 368307
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js
    IEXPLORE.EXE
    Remote address:
    172.217.16.234:443
    Request
    GET /ajax/libs/jquery/1.5.0/jquery.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript; charset=UTF-8
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 29519
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Expires: Fri, 09 Jan 2026 00:00:44 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://ajax.googleapis.com/ajax/libs/mootools/1.3.1/mootools-yui-compressed.js
    IEXPLORE.EXE
    Remote address:
    172.217.16.234:443
    Request
    GET /ajax/libs/mootools/1.3.1/mootools-yui-compressed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript; charset=UTF-8
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 28586
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Expires: Fri, 09 Jan 2026 00:01:23 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/img/icon18_edit_allbkg.gif
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /img/icon18_edit_allbkg.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 162
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 Jan 2025 17:59:51 GMT
    Expires: Sat, 11 Jan 2025 17:59:51 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Fri, 03 Jan 2025 17:54:44 GMT
    Content-Type: image/gif
    Age: 367292
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
    IEXPLORE.EXE
    Remote address:
    172.217.16.234:443
    Request
    GET /ajax/libs/jquery/1.6.1/jquery.min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ajax.googleapis.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
    Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
    Timing-Allow-Origin: *
    Content-Length: 32124
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 Jan 2025 22:42:25 GMT
    Expires: Sun, 04 Jan 2026 22:42:25 GMT
    Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
    Age: 350299
    Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    http://feeds.feedburner.com/DcmGaleri.2.gif
    IEXPLORE.EXE
    Remote address:
    216.58.212.206:80
    Request
    GET /DcmGaleri.2.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: feeds.feedburner.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/xml; charset=utf-8
    Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
    feedburnerv2:
    Last-Modified: Sat, 28 Dec 2024 11:10:46 GMT
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
    Content-Security-Policy: script-src 'nonce-fUWguuyJ46-AW6XDswMskQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self'
    Cross-Origin-Opener-Policy: same-origin
    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Cross-Origin-Resource-Policy: same-site
    reporting-endpoints: default="/_/RaichuFeedServer/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxELcHKsX_9nNJnBg3tsKJcuk_ML4xNKUzHzdgtKknMzijNSiYl2goG5RYmZyRqluWmpqSnFqUVlqUbyRgZGpgaGBqZ6BeXyBAQApsB39"
    Content-Encoding: gzip
    Transfer-Encoding: chunked
    Server: ESF
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
  • flag-gb
    GET
    http://2.bp.blogspot.com/-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="setting-input-output-nuendo-cubase_.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 2615
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:41 GMT
    Expires: Fri, 10 Jan 2025 00:00:41 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v8de"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-sg
    GET
    http://www.linkwithin.com/pixel.png
    IEXPLORE.EXE
    Remote address:
    118.139.179.30:80
    Request
    GET /pixel.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkwithin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Server: Apache
    Content-Length: 315
    Keep-Alive: timeout=5
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-gb
    GET
    http://2.bp.blogspot.com/-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="headerblog-gfaweb.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 91801
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:40 GMT
    Expires: Fri, 10 Jan 2025 00:00:40 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v143"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 3
  • flag-gb
    GET
    http://2.bp.blogspot.com/-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="1.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 2989
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:41 GMT
    Expires: Fri, 10 Jan 2025 00:00:41 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v6d3"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-us
    GET
    http://yourjavascript.com/290582211131/auto-like-10-seconds.js
    IEXPLORE.EXE
    Remote address:
    76.223.54.146:80
    Request
    GET /290582211131/auto-like-10-seconds.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: yourjavascript.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    content-type: text/html
    date: Thu, 09 Jan 2025 00:00:43 GMT
    content-length: 114
  • flag-gb
    GET
    https://apis.google.com/js/plusone.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /js/plusone.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Expires: Thu, 09 Jan 2025 00:00:44 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "bb74970fe396ae14"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 54256
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 18:21:47 GMT
    Expires: Thu, 08 Jan 2026 18:21:47 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 20338
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_2?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_2?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 14048
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 19:41:37 GMT
    Expires: Thu, 08 Jan 2026 19:41:37 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 15549
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://apis.google.com/_/jserror?script=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&error=Object%20doesn't%20support%20this%20action&line=Not%20available
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    POST /_/jserror?script=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&error=Object%20doesn't%20support%20this%20action&line=Not%20available HTTP/1.1
    Accept: */*
    Content-Type: application/x-www-form-urlencoded;charset=utf-8
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: apis.google.com
    Content-Length: 4510
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 301 Moved Permanently
    Location: http://developers.google.com/
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Expires: Thu, 09 Jan 2025 00:30:46 GMT
    Cache-Control: public, max-age=1800
    Server: sffe
    Content-Length: 226
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/js/platform.js
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /js/platform.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Access-Control-Allow-Origin: *
    Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
    Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
    Timing-Allow-Origin: *
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Expires: Thu, 09 Jan 2025 00:01:23 GMT
    Cache-Control: private, max-age=1800, stale-while-revalidate=1800
    ETag: "6f0e483c03e49aef"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 58892
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 18:18:35 GMT
    Expires: Thu, 08 Jan 2026 18:18:35 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 20572
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 14048
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 21:37:54 GMT
    Expires: Thu, 08 Jan 2026 21:37:54 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 8614
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    GET
    http://yourjavascript.com/31244224371/fb.js
    IEXPLORE.EXE
    Remote address:
    76.223.54.146:80
    Request
    GET /31244224371/fb.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: yourjavascript.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    content-type: text/html
    date: Thu, 09 Jan 2025 00:00:43 GMT
    content-length: 114
  • flag-gb
    GET
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs
    IEXPLORE.EXE
    Remote address:
    142.250.178.14:443
    Request
    GET /_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: apis.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Access-Control-Allow-Origin: *
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
    Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
    Content-Length: 14573
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 18:44:42 GMT
    Expires: Thu, 08 Jan 2026 18:44:42 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Wed, 08 Jan 2025 15:55:24 GMT
    Content-Type: text/javascript; charset=UTF-8
    Vary: Accept-Encoding
    Age: 18963
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    GET
    http://yourjavascript.com/03931371151/gfafb.js
    IEXPLORE.EXE
    Remote address:
    76.223.54.146:80
    Request
    GET /03931371151/gfafb.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: yourjavascript.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    content-type: text/html
    date: Thu, 09 Jan 2025 00:00:43 GMT
    content-length: 114
  • flag-sg
    GET
    http://www.linkwithin.com/widget.js
    IEXPLORE.EXE
    Remote address:
    118.139.179.30:80
    Request
    GET /widget.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.linkwithin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Server: Apache
    Content-Length: 315
    Keep-Alive: timeout=5
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
  • flag-gb
    GET
    https://lh3.googleusercontent.com/proxy/MI1vj8biHQqzeFfFdXAQTtDF550fkmgqptDp9gnCfTit2g_n3Sm1cf9m_UzxIh-ada0zaCIwV52AN9GQrgzOipJG9Xc=w72-h72-n-k-no-nu
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /proxy/MI1vj8biHQqzeFfFdXAQTtDF550fkmgqptDp9gnCfTit2g_n3Sm1cf9m_UzxIh-ada0zaCIwV52AN9GQrgzOipJG9Xc=w72-h72-n-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: image/jpeg
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Server: fife
    Content-Length: 897
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uUvHq6Y-BZ4LJBAMX0-2eUOa2XY3orVA1EXQvWpYYvXeAXl2rNkcaNqFealpdtlE24Z-RAxRuzjUBqp2QOIULHwjU9rBxu8pF_q1hrFp0lc-UOD62tJKtZdexm7MccgN1pDg=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /blogger_img_proxy/AEn0k_uUvHq6Y-BZ4LJBAMX0-2eUOa2XY3orVA1EXQvWpYYvXeAXl2rNkcaNqFealpdtlE24Z-RAxRuzjUBqp2QOIULHwjU9rBxu8pF_q1hrFp0lc-UOD62tJKtZdexm7MccgN1pDg=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate, no-transform
    Content-Disposition: attachment;filename="unnamed.gif"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 43
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vigVnWqym_vpYP0we3JDMBJx9aCOBr0iD6uhOtsPECFQYpdIAwuEpmrsSEEV3-c5XJ6SMTTW-E-pVRC9dWinNTVbwuWrGh_u2b=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /blogger_img_proxy/AEn0k_vigVnWqym_vpYP0we3JDMBJx9aCOBr0iD6uhOtsPECFQYpdIAwuEpmrsSEEV3-c5XJ6SMTTW-E-pVRC9dWinNTVbwuWrGh_u2b=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate, no-transform
    Content-Disposition: attachment;filename="unnamed.gif"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 43
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vQ97kuTF8VNAbgExvb7CRIyZP0YYDRcVeuTqxv6IC3ZAxAewqylcZ4x0cO1hAgA7WtBlt6jHrKsZYNFAouiuQSM22b2ZgsPyo=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /blogger_img_proxy/AEn0k_vQ97kuTF8VNAbgExvb7CRIyZP0YYDRcVeuTqxv6IC3ZAxAewqylcZ4x0cO1hAgA7WtBlt6jHrKsZYNFAouiuQSM22b2ZgsPyo=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate, no-transform
    Content-Disposition: attachment;filename="unnamed.gif"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 43
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    www.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.google.com
    IN A
    Response
    www.google.com
    IN A
    142.250.187.196
  • flag-us
    DNS
    c.gigcount.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.gigcount.com
    IN A
    Response
  • flag-us
    DNS
    www.reverbnation.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.reverbnation.com
    IN A
    Response
    www.reverbnation.com
    IN A
    3.222.25.176
    www.reverbnation.com
    IN A
    44.199.167.23
  • flag-us
    DNS
    andreykusanagi.googlecode.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    andreykusanagi.googlecode.com
    IN A
    Response
    andreykusanagi.googlecode.com
    IN CNAME
    googlecode.l.googleusercontent.com
    googlecode.l.googleusercontent.com
    IN A
    64.233.184.82
  • flag-us
    DNS
    ib.adnxs.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ib.adnxs.com
    IN A
    Response
    ib.adnxs.com
    IN CNAME
    xandr-g-geo.trafficmanager.net
    xandr-g-geo.trafficmanager.net
    IN CNAME
    ib.anycast.adnxs.com
    ib.anycast.adnxs.com
    IN A
    185.89.210.212
    ib.anycast.adnxs.com
    IN A
    185.89.211.116
    ib.anycast.adnxs.com
    IN A
    185.89.210.82
    ib.anycast.adnxs.com
    IN A
    185.89.210.180
    ib.anycast.adnxs.com
    IN A
    185.89.211.84
    ib.anycast.adnxs.com
    IN A
    185.89.210.153
    ib.anycast.adnxs.com
    IN A
    185.89.210.20
    ib.anycast.adnxs.com
    IN A
    185.89.210.141
    ib.anycast.adnxs.com
    IN A
    185.89.210.122
    ib.anycast.adnxs.com
    IN A
    185.89.210.46
    ib.anycast.adnxs.com
    IN A
    185.89.210.90
    ib.anycast.adnxs.com
    IN A
    185.89.210.244
  • flag-us
    DNS
    icons.iconarchive.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    icons.iconarchive.com
    IN A
    Response
    icons.iconarchive.com
    IN A
    104.21.235.214
    icons.iconarchive.com
    IN A
    104.21.235.213
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/T5nDK30cBcCaH06HgEPaN4APRcnXMHqjX-WMexxv5oGAiw6Z1FYDBT_VKCLuXP3cVECiyF7Hjkg4u2uVs1bgrDHmt9OIlGs=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /proxy/T5nDK30cBcCaH06HgEPaN4APRcnXMHqjX-WMexxv5oGAiw6Z1FYDBT_VKCLuXP3cVECiyF7Hjkg4u2uVs1bgrDHmt9OIlGs=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Server: fife
    Content-Length: 1680
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/NjAUw71wtV9ayL9TVMI7P8aztgpyNzZNPlfQO43c_7o6GpPdc_jUzIffedoMK7oRrslmOtmgwLEw8kgq=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /proxy/NjAUw71wtV9ayL9TVMI7P8aztgpyNzZNPlfQO43c_7o6GpPdc_jUzIffedoMK7oRrslmOtmgwLEw8kgq=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Fri, 10 Jan 2025 00:00:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: attachment;filename="unnamed.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:50 GMT
    Server: fife
    Content-Length: 689
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh5.googleusercontent.com/proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh5.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Server: fife
    Content-Length: 1685
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    http://4.bp.blogspot.com/-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="simulanalog-guitar-suite.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3769
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:41 GMT
    Expires: Fri, 10 Jan 2025 00:00:41 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v8e1"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-gb
    GET
    http://4.bp.blogspot.com/_VB5tXm7m6QU/TMfKFJMd8nI/AAAAAAAAABg/uuv0BMg63_I/w72-h72-p-k-no-nu/gamat.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_VB5tXm7m6QU/TMfKFJMd8nI/AAAAAAAAABg/uuv0BMg63_I/w72-h72-p-k-no-nu/gamat.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="gamat.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 2520
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:41 GMT
    Expires: Fri, 10 Jan 2025 00:00:41 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v18"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-us
    DNS
    feedjit.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    feedjit.com
    IN A
    Response
  • flag-gb
    GET
    http://4.bp.blogspot.com/-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 4.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="kjaerhus-effects-660-80.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 4395
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:41 GMT
    Expires: Fri, 10 Jan 2025 00:00:41 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v1121"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-us
    DNS
    www.alertpay.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.alertpay.com
    IN A
    Response
    www.alertpay.com
    IN A
    52.223.39.56
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/1527282520-widgets.js
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /static/v1/widgets/1527282520-widgets.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 56888
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 18:43:13 GMT
    Expires: Thu, 08 Jan 2026 18:43:13 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Mon, 27 Sep 2021 08:02:15 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
    Age: 19051
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /static/v1/widgets/1667664774-css_bundle_v2.css HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 7823
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Fri, 03 Jan 2025 21:20:29 GMT
    Expires: Sat, 03 Jan 2026 21:20:29 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Fri, 12 Nov 2021 02:51:58 GMT
    Content-Type: text/css
    Vary: Accept-Encoding
    Age: 441615
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2961288418925170704&zx=6c728328-d8cc-42ea-95c1-ee436eb9468c
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /dyn-css/authorization.css?targetBlogID=2961288418925170704&zx=6c728328-d8cc-42ea-95c1-ee436eb9468c HTTP/1.1
    Accept: text/css, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/css; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Last-Modified: Thu, 09 Jan 2025 00:00:44 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 6620
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Sat, 04 Jan 2025 18:29:04 GMT
    Expires: Sun, 04 Jan 2026 18:29:04 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Sat, 04 Jan 2025 04:52:20 GMT
    Content-Type: text/css
    Vary: Accept-Encoding
    Age: 365539
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8495722861526518967&zx=64487bf5-22a2-48f2-a391-d1fdfdfdcb44
    IEXPLORE.EXE
    Remote address:
    142.250.179.233:443
    Request
    GET /dyn-css/authorization.css?targetBlogID=8495722861526518967&zx=64487bf5-22a2-48f2-a391-d1fdfdfdcb44 HTTP/1.1
    Accept: text/css, */*
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.blogger.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
    Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
    Content-Type: text/css; charset=UTF-8
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Last-Modified: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    mybloggertricks.googlecode.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    mybloggertricks.googlecode.com
    IN A
    Response
    mybloggertricks.googlecode.com
    IN CNAME
    googlecode.l.googleusercontent.com
    googlecode.l.googleusercontent.com
    IN A
    64.233.184.82
  • flag-us
    DNS
    banner.adsensecamp.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    banner.adsensecamp.com
    IN A
    Response
    banner.adsensecamp.com
    IN CNAME
    adsensecamp.com
    adsensecamp.com
    IN A
    103.30.145.12
  • flag-us
    DNS
    imemovaz.googlecode.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    imemovaz.googlecode.com
    IN A
    Response
    imemovaz.googlecode.com
    IN CNAME
    googlecode.l.googleusercontent.com
    googlecode.l.googleusercontent.com
    IN A
    64.233.184.82
  • flag-us
    DNS
    www.lintas.me
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.lintas.me
    IN A
    Response
    www.lintas.me
    IN A
    104.21.59.55
    www.lintas.me
    IN A
    172.67.215.31
  • flag-us
    DNS
    s2.sigmirror.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s2.sigmirror.com
    IN A
    Response
  • flag-us
    DNS
    js-kit.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    js-kit.com
    IN A
    Response
    js-kit.com
    IN A
    52.222.169.79
    js-kit.com
    IN A
    52.222.169.3
    js-kit.com
    IN A
    52.222.169.52
    js-kit.com
    IN A
    52.222.169.66
  • flag-us
    DNS
    vicahya.googlecode.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    vicahya.googlecode.com
    IN A
    Response
    vicahya.googlecode.com
    IN CNAME
    googlecode.l.googleusercontent.com
    googlecode.l.googleusercontent.com
    IN A
    64.233.184.82
  • flag-gb
    GET
    http://3.bp.blogspot.com/-EoBil2KZxB8/TlYVzoVFGlI/AAAAAAAACNY/7aDlrZwZ4Ec/w72-h72-p-k-no-nu/ambience-660-80.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-EoBil2KZxB8/TlYVzoVFGlI/AAAAAAAACNY/7aDlrZwZ4Ec/w72-h72-p-k-no-nu/ambience-660-80.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="ambience-660-80.jpg"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 3482
    X-XSS-Protection: 0
    Date: Thu, 09 Jan 2025 00:00:41 GMT
    Expires: Fri, 10 Jan 2025 00:00:41 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "v8d6"
    Content-Type: image/jpeg
    Vary: Origin
    Age: 2
  • flag-gb
    GET
    http://3.bp.blogspot.com/-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Content-Disposition: inline;filename="floatingfb.png"
    X-Content-Type-Options: nosniff
    Server: fife
    Content-Length: 8431
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 20:15:28 GMT
    Expires: Thu, 09 Jan 2025 20:15:28 GMT
    Cache-Control: public, max-age=86400, no-transform
    ETag: "va58"
    Content-Type: image/png
    Vary: Origin
    Age: 13520
  • flag-gb
    GET
    http://www.google.com/jsapi
    IEXPLORE.EXE
    Remote address:
    142.250.187.196:80
    Request
    GET /jsapi HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    X-Content-Type-Options: nosniff
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://www.gstatic.com/charts/loader.js
    Server: sffe
    Content-Length: 237
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:47:31 GMT
    Expires: Thu, 09 Jan 2025 00:17:31 GMT
    Cache-Control: public, max-age=1800
    Content-Type: text/html; charset=UTF-8
    Age: 792
  • flag-nl
    GET
    http://ib.adnxs.com/seg?add=405193&t=2
    IEXPLORE.EXE
    Remote address:
    185.89.210.212:80
    Request
    GET /seg?add=405193&t=2 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ib.adnxs.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 307 Redirection
    Server: nginx/1.23.4
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 0
    Connection: keep-alive
    Cache-Control: no-store, no-cache, private
    Pragma: no-cache
    Expires: Sat, 15 Nov 2008 16:00:00 GMT
    P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
    X-XSS-Protection: 0
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: *
    Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
    Location: https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D405193%26t%3D2
    AN-X-Request-Uuid: d862e6c8-0490-406f-861b-eff7f3419dad
    X-Proxy-Origin: 181.215.176.83; 181.215.176.83; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
  • flag-be
    GET
    http://andreykusanagi.googlecode.com/files/pop-up.js
    IEXPLORE.EXE
    Remote address:
    64.233.184.82:80
    Request
    GET /files/pop-up.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: andreykusanagi.googlecode.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1576
    Date: Thu, 09 Jan 2025 00:00:43 GMT
  • flag-us
    GET
    http://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif
    IEXPLORE.EXE
    Remote address:
    3.222.25.176:80
    Request
    GET /widgets/trk/40/artist_560616//t.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.reverbnation.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Length: 0
    Connection: keep-alive
    location: https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif
  • flag-be
    GET
    http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js
    IEXPLORE.EXE
    Remote address:
    64.233.184.82:80
    Request
    GET /files/jquery.colorbox-min.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: mybloggertricks.googlecode.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1589
    Date: Thu, 09 Jan 2025 00:00:43 GMT
  • flag-us
    GET
    http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png
    IEXPLORE.EXE
    Remote address:
    104.21.235.214:80
    Request
    GET /icons/deleket/folder/24/Mozilla-Thunderbird-icon.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: icons.iconarchive.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    Cache-Control: max-age=5356800
    CF-Cache-Status: HIT
    Age: 2
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSEBfIvml4k7QrqrzaYy40Xw6MiKYZI%2BpBQgQmOAv8%2BOU4nFXYMoEnM5z0BZhZzv0HhtWR%2Fg8HqJof%2Fr2%2FsAx6ioKqklARFW932RFooICSi9bfIyir9WDD%2F9%2BNwxLHQIvHN%2FUXIDfvc%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 8ff0260e2df36518-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
    server-timing: cfL4;desc="?proto=TCP&rtt=46385&min_rtt=46385&rtt_var=23192&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=321&delivery_rate=0&cwnd=230&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
  • flag-us
    GET
    http://www.lintas.me/assets/scripts/widget_v2.js
    IEXPLORE.EXE
    Remote address:
    104.21.59.55:80
    Request
    GET /assets/scripts/widget_v2.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.lintas.me
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Content-Length: 167
    Connection: keep-alive
    Cache-Control: max-age=3600
    Expires: Thu, 09 Jan 2025 01:00:43 GMT
    Location: https://t.ly/
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOpGBvYVcgaaUrJXn28dCs87TXjVCd9FQ7eFGlrIU3OMtmGjzdiEdeJRzHgKOO%2FpWIFD6H1pKmz%2BMfHOlBh2f21A%2FbCvmMTHhBQNMhg%2BeHEzFGwUxGK3FTxW%2B%2BpqvcjJ"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 8ff0260e2d2c6558-LHR
    alt-svc: h3=":443"; ma=86400
    server-timing: cfL4;desc="?proto=TCP&rtt=41985&min_rtt=41985&rtt_var=20992&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=271&delivery_rate=0&cwnd=234&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
  • flag-be
    GET
    http://imemovaz.googlecode.com/files/tripleflap.js
    IEXPLORE.EXE
    Remote address:
    64.233.184.82:80
    Request
    GET /files/tripleflap.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: imemovaz.googlecode.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1580
    Date: Thu, 09 Jan 2025 00:00:43 GMT
  • flag-fr
    GET
    http://js-kit.com/ratings.js
    IEXPLORE.EXE
    Remote address:
    52.222.169.79:80
    Request
    GET /ratings.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: js-kit.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: CloudFront
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Content-Length: 167
    Connection: keep-alive
    Location: https://js-kit.com/ratings.js
    X-Cache: Redirect from cloudfront
    Via: 1.1 7945bb9729c0979279f468dfe8446e58.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P2
    X-Amz-Cf-Id: 0tCv-q5sh456OUSoVdofNw_U49wxjrgfnb0Fjtfryun1QH8NLeTYnA==
  • flag-be
    GET
    http://vicahya.googlecode.com/files/like.js
    IEXPLORE.EXE
    Remote address:
    64.233.184.82:80
    Request
    GET /files/like.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: vicahya.googlecode.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1574
    Date: Thu, 09 Jan 2025 00:00:43 GMT
  • flag-nl
    GET
    https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D405193%26t%3D2
    IEXPLORE.EXE
    Remote address:
    185.89.210.212:443
    Request
    GET /sbounce?%2Fseg%3Fadd%3D405193%26t%3D2 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ib.adnxs.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 307 Redirection
    Server: nginx/1.23.4
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 0
    Connection: keep-alive
    Cache-Control: no-store, no-cache, private
    Pragma: no-cache
    Expires: Sat, 15 Nov 2008 16:00:00 GMT
    P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
    X-XSS-Protection: 0
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: *
    Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
    Location: https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2
    AN-X-Request-Uuid: 22180c1c-e27d-436d-9fe6-32000a3c0971
    Set-Cookie: uuid2=135082179465135540; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 09-Apr-2025 00:00:43 GMT; Domain=.adnxs.com; Secure; HttpOnly
    X-Proxy-Origin: 181.215.176.83; 181.215.176.83; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
  • flag-nl
    GET
    https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2
    IEXPLORE.EXE
    Remote address:
    185.89.210.212:443
    Request
    GET /bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2 HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ib.adnxs.com
    Connection: Keep-Alive
    Cookie: uuid2=135082179465135540
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.23.4
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Content-Type: image/gif
    Content-Length: 43
    Connection: keep-alive
    Cache-Control: no-store, no-cache, private
    Pragma: no-cache
    Expires: Sat, 15 Nov 2008 16:00:00 GMT
    P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
    X-XSS-Protection: 0
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin: *
    Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
    AN-X-Request-Uuid: c9154a2a-5a47-4bb9-804d-71e9762bc82a
    Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?`kX8Ne!]tbP6j2F-XstGt!@E<D%2yug; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 09-Apr-2025 00:00:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
    Set-Cookie: uuid2=135082179465135540; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 09-Apr-2025 00:00:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
    X-Proxy-Origin: 181.215.176.83; 181.215.176.83; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
  • flag-us
    DNS
    t.ly
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    t.ly
    IN A
    Response
    t.ly
    IN A
    104.20.7.133
    t.ly
    IN A
    104.20.6.133
  • flag-id
    GET
    http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:80
    Request
    GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Location: https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
  • flag-id
    GET
    http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:80
    Request
    GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Location: https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF
  • flag-id
    GET
    http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:80
    Request
    GET /show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Location: https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
  • flag-id
    GET
    http://banner.adsensecamp.com/images/banner/white-cloud.gif
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:80
    Request
    GET /images/banner/white-cloud.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: banner.adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:43 GMT
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Location: https://banner.adsensecamp.com/images/banner/white-cloud.gif
  • flag-us
    GET
    https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif
    IEXPLORE.EXE
    Remote address:
    3.222.25.176:443
    Request
    GET /widgets/trk/40/artist_560616//t.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.reverbnation.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Content-Type: image/gif
    Transfer-Encoding: chunked
    Connection: keep-alive
    server: Apache
    x-xss-protection: 1; mode=block
    pragma: no-cache
    expires: PAST DATE
    cache-control: no-cache, no-store, post-check=0, pre-check=0, public
    content-disposition: inline; filename="track_320.gif"
    content-transfer-encoding: binary
    x-digits-of-pi:
    x-request-id: c6dfb195-f701-4ced-8cd8-6dcb6f936588
    x-runtime: 0.015138
    p3p: CP="DSP ALL COR OUR SAMi UNRi CUR ADM TAI IVA IVD CONo BUS DEM UNI STA LOC NAV COM INT", policyref="/w3c/p3p.xml"
  • flag-us
    GET
    https://t.ly/
    IEXPLORE.EXE
    Remote address:
    104.20.7.133:443
    Request
    GET / HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: t.ly
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:44 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    vary: Accept-Encoding
    Cache-Control: no-cache, private
    Set-Cookie: XSRF-TOKEN=eyJpdiI6IldoQ2dDMUM5V0NUS0ZDOUppaTZEd2c9PSIsInZhbHVlIjoicFRvSHNuT0NQd005aE9nK1ljSmoxaWNQZUNGbXR5R1c5VTFyL0NjUHV0TVRNZmMzSGVwTHJsU3BMZEcveDcyUHMzak5ZTnpJTGIxNXhKZ0FoQ2gyUVk0WEVlSHdSR21QR241YnJRVmg3ZmNJRWo5TERmMEsvUVAyVTcySDRnejIiLCJtYWMiOiJjZWQwYmY3YWJhMTY3OTVhNjYzYTEyNzAxMzRmNDAwMTJlMjQwZTdlMmYwZGJlOTZkMjA0MmNlZTZiYTRkODRlIiwidGFnIjoiIn0%3D; expires=Thu, 23 Jan 2025 00:00:44 GMT; Max-Age=1209600; path=/; domain=.t.ly; secure; samesite=lax
    Set-Cookie: tly_session=eyJpdiI6ImRtYVM2MkhBTU1IQVBRbW9GVHJlNFE9PSIsInZhbHVlIjoieHNVSXhtTVorUlUyY3F0WnU0MFVvK0pHdHF0bXRJTnlvWEtqdFFEMWw4eCtmZjlhbnRudDBtY3dpZHplSFptd2UyRVdSVng3d3JPcnhMY1pYSWNSc0cybnZFdDZRTEJ1VXhKckZ0b1pNenhaUVJJQWRIVjc3WGhVSElZZVVJeTQiLCJtYWMiOiI1NjRhOTExMmFmNjE1NWZhOGYwNmQzMmM3MWQzOTg1OTk1M2VkMDc4YTE5ODFhYTM3MmNmZTliZTZlYTIwODhiIiwidGFnIjoiIn0%3D; expires=Thu, 23 Jan 2025 00:00:44 GMT; Max-Age=1209600; path=/; domain=.t.ly; secure; httponly; samesite=lax
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    x-whom: tly-app
    x-do-app-origin: 86336e98-11a6-477d-b2fb-e3113d9e1e21
    x-do-orig-status: 200
    Last-Modified: Thu, 09 Jan 2025 00:00:44 GMT
    CF-Cache-Status: BYPASS
    Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
    Server: cloudflare
    CF-RAY: 8ff0261338507725-LHR
    Content-Encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    crt.rootg2.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    crt.rootg2.amazontrust.com
    IN A
    Response
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.90
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.127
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.87
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.59
  • flag-us
    DNS
    crt.rootg2.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    crt.rootg2.amazontrust.com
    IN A
    Response
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.59
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.127
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.90
    crt.rootg2.amazontrust.com
    IN A
    3.164.163.87
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-fr
    GET
    http://crt.rootg2.amazontrust.com/rootg2.cer
    IEXPLORE.EXE
    Remote address:
    3.164.163.90:80
    Request
    GET /rootg2.cer HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crt.rootg2.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: binary/octet-stream
    Content-Length: 1145
    Connection: keep-alive
    Last-Modified: Thu, 02 Jan 2025 12:12:02 GMT
    x-amz-server-side-encryption: AES256
    x-amz-version-id: 8BDeZh_YQ77uc8Ttu_yUu.f3QcyIWl9E
    Accept-Ranges: bytes
    Server: AmazonS3
    Date: Wed, 08 Jan 2025 22:16:37 GMT
    ETag: "c6150925cfea5941ddc7ff2a0a506692"
    X-Cache: Hit from cloudfront
    Via: 1.1 c801a9ac6877c0af9415a646b49cab0e.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG55-P3
    X-Amz-Cf-Id: -rYXgFMWpvc0J44zXr3QtuoS3Vp8dMvTOYs_kd2Had0o7hbqX2SyUQ==
    Age: 6247
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-us
    DNS
    c.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-fr
    GET
    http://crt.rootg2.amazontrust.com/rootg2.cer
    IEXPLORE.EXE
    Remote address:
    3.164.163.59:80
    Request
    GET /rootg2.cer HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crt.rootg2.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: binary/octet-stream
    Content-Length: 1145
    Connection: keep-alive
    Last-Modified: Thu, 02 Jan 2025 12:12:02 GMT
    x-amz-server-side-encryption: AES256
    x-amz-version-id: 8BDeZh_YQ77uc8Ttu_yUu.f3QcyIWl9E
    Accept-Ranges: bytes
    Server: AmazonS3
    Date: Wed, 08 Jan 2025 22:16:37 GMT
    ETag: "c6150925cfea5941ddc7ff2a0a506692"
    X-Cache: Hit from cloudfront
    Via: 1.1 63e0124d7d1d0d75f17b34bf9198138a.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG55-P3
    X-Amz-Cf-Id: 1Gvf6pK7k6KffhzOMpp4zB9dgLhOBJyYKizkDuaJqbDTv-Aeq_rbIg==
    Age: 6247
  • flag-gb
    GET
    http://c.pki.goog/r/gsr1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/gsr1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 1739
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:22:47 GMT
    Expires: Thu, 09 Jan 2025 00:12:47 GMT
    Cache-Control: public, max-age=3000
    Age: 2276
    Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Cache-Control: max-age = 3000
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 304 Not Modified
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Cache-Control: public, max-age=3000
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/gsr1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/gsr1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 1739
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:22:47 GMT
    Expires: Thu, 09 Jan 2025 00:12:47 GMT
    Cache-Control: public, max-age=3000
    Age: 2276
    Last-Modified: Tue, 07 Jan 2025 07:28:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r4.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r4.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 436
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:30 GMT
    Expires: Thu, 09 Jan 2025 00:27:30 GMT
    Cache-Control: public, max-age=3000
    Age: 1393
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Cache-Control: public, max-age=3000
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r4.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r4.crl HTTP/1.1
    Cache-Control: max-age = 3000
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 304 Not Modified
    Date: Wed, 08 Jan 2025 23:37:30 GMT
    Expires: Thu, 09 Jan 2025 00:27:30 GMT
    Age: 1394
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Cache-Control: public, max-age=3000
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Cache-Control: public, max-age=3000
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Cache-Control: max-age = 3000
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 304 Not Modified
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Age: 1392
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Cache-Control: public, max-age=3000
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Cache-Control: public, max-age=3000
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Cache-Control: public, max-age=3000
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Cache-Control: public, max-age=3000
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-gb
    GET
    http://c.pki.goog/r/r1.crl
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:37:32 GMT
    Expires: Thu, 09 Jan 2025 00:27:32 GMT
    Cache-Control: public, max-age=3000
    Age: 1391
    Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • flag-id
    GET
    https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:443
    Request
    GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:45 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    X-Powered-By: PHP/5.6.40
    Set-Cookie: PHPSESSID=dl2te24a562aufqd43uhaf8k75; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Encoding: gzip
  • flag-id
    GET
    https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:443
    Request
    GET /show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:45 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    X-Powered-By: PHP/5.6.40
    Set-Cookie: PHPSESSID=f7u40b8sec9e2rgci0huj4cgj0; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Encoding: gzip
  • flag-id
    GET
    https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    IEXPLORE.EXE
    Remote address:
    103.30.145.12:443
    Request
    GET /show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: adsensecamp.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.20.1
    Date: Thu, 09 Jan 2025 00:00:45 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    X-Powered-By: PHP/5.6.40
    Set-Cookie: PHPSESSID=f02ihoa5fuslshba000u09gg43; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    Pragma: no-cache
    Content-Encoding: gzip
  • flag-us
    DNS
    o.pki.goog
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    142.250.178.3
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:36:03 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1481
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHfMFj7ryzP0CsHo3ZM9KEM%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHfMFj7ryzP0CsHo3ZM9KEM%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:36:03 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1481
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD8Elu9WzbqaxI7ClVJiEyf
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD8Elu9WzbqaxI7ClVJiEyf HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 09 Jan 2025 00:00:16 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 30
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:21:31 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2399
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:36:03 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1484
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1 HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:21:31 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2399
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFcPvTXkgd7BCifc%2Fa9Bw7s%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFcPvTXkgd7BCifc%2Fa9Bw7s%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:25:25 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2119
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:22:11 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2313
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEUyArXDgv5bErfGwqRT1wQ%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEUyArXDgv5bErfGwqRT1wQ%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:54:17 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 426
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:29:14 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1940
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHfMFj7ryzP0CsHo3ZM9KEM%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHfMFj7ryzP0CsHo3ZM9KEM%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:36:03 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1481
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:55:24 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 360
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:49:06 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 698
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:20:14 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2469
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:22:11 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2313
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:20:14 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2469
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:49:06 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 698
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:55:24 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 359
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFcPvTXkgd7BCifc%2Fa9Bw7s%3D
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFcPvTXkgd7BCifc%2Fa9Bw7s%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 471
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:25:25 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2119
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC9BcftJg0xdgnj9UiwmG6n
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC9BcftJg0xdgnj9UiwmG6n HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:59:01 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 107
  • flag-gb
    GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc
    IEXPLORE.EXE
    Remote address:
    142.250.178.3:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Wed, 08 Jan 2025 23:29:14 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1940
  • flag-gb
    GET
    http://www.google-analytics.com/ga.js
    IEXPLORE.EXE
    Remote address:
    142.250.200.46:80
    Request
    GET /ga.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.google-analytics.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
    Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
    Server: Golfe2
    Content-Length: 17168
    Date: Wed, 08 Jan 2025 22:26:00 GMT
    Expires: Thu, 09 Jan 2025 00:26:00 GMT
    Cache-Control: public, max-age=7200
    Age: 5685
    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding
  • flag-us
    DNS
    r10.o.lencr.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    r10.o.lencr.org
    IN A
    Response
    r10.o.lencr.org
    IN CNAME
    o.lencr.edgesuite.net
    o.lencr.edgesuite.net
    IN CNAME
    a1887.dscq.akamai.net
    a1887.dscq.akamai.net
    IN A
    2.18.190.203
    a1887.dscq.akamai.net
    IN A
    2.18.190.211
  • flag-us
    DNS
    r10.o.lencr.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    r10.o.lencr.org
    IN A
    Response
    r10.o.lencr.org
    IN CNAME
    o.lencr.edgesuite.net
    o.lencr.edgesuite.net
    IN CNAME
    a1887.dscq.akamai.net
    a1887.dscq.akamai.net
    IN A
    2.18.190.211
    a1887.dscq.akamai.net
    IN A
    2.18.190.203
  • flag-gb
    GET
    http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D
    IEXPLORE.EXE
    Remote address:
    2.18.190.203:80
    Request
    GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: r10.o.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/ocsp-response
    Content-Length: 504
    ETag: "D5AA34CB26FE77DD2913D31FA2AF26ED9BA1B0F03DEC5305DB121996ECB193B6"
    Last-Modified: Tue, 07 Jan 2025 09:54:00 UTC
    Cache-Control: public, no-transform, must-revalidate, max-age=18830
    Expires: Thu, 09 Jan 2025 05:14:35 GMT
    Date: Thu, 09 Jan 2025 00:00:45 GMT
    Connection: keep-alive
  • flag-gb
    GET
    http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D
    IEXPLORE.EXE
    Remote address:
    2.18.190.211:80
    Request
    GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: r10.o.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/ocsp-response
    Content-Length: 504
    ETag: "D5AA34CB26FE77DD2913D31FA2AF26ED9BA1B0F03DEC5305DB121996ECB193B6"
    Last-Modified: Tue, 07 Jan 2025 09:54:00 UTC
    Cache-Control: public, no-transform, must-revalidate, max-age=18919
    Expires: Thu, 09 Jan 2025 05:16:04 GMT
    Date: Thu, 09 Jan 2025 00:00:45 GMT
    Connection: keep-alive
  • flag-us
    DNS
    s10.histats.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s10.histats.com
    IN A
    Response
    s10.histats.com
    IN CNAME
    s10.histats.com.cdn.cloudflare.net
    s10.histats.com.cdn.cloudflare.net
    IN A
    104.20.2.69
    s10.histats.com.cdn.cloudflare.net
    IN A
    104.20.3.69
  • flag-us
    DNS
    chatroll.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    chatroll.com
    IN A
    Response
    chatroll.com
    IN A
    169.47.242.252
  • flag-us
    GET
    http://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:80
    Request
    GET /embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: chatroll.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Server: nginx/1.18.0
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Location: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
  • flag-us
    GET
    http://s10.histats.com/js15.js
    IEXPLORE.EXE
    Remote address:
    104.20.2.69:80
    Request
    GET /js15.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s10.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Content-Type: text/javascript
    Content-Length: 4405
    Connection: keep-alive
    Content-Encoding: gzip
    ETag: "980881274"
    Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
    Vary: Accept-Encoding
    Cache-Control: max-age=28800
    CF-Cache-Status: HIT
    Age: 57158
    Accept-Ranges: bytes
    Server: cloudflare
    CF-RAY: 8ff02620692d63aa-LHR
  • flag-us
    GET
    http://s10.histats.com/js15_gif.js
    IEXPLORE.EXE
    Remote address:
    104.20.2.69:80
    Request
    GET /js15_gif.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s10.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Content-Type: text/javascript
    Content-Length: 4422
    Connection: keep-alive
    Content-Encoding: gzip
    ETag: "1458891563"
    Last-Modified: Thu, 16 Apr 2020 10:44:17 GMT
    Vary: Accept-Encoding
    Cache-Control: max-age=28800
    CF-Cache-Status: HIT
    Age: 39052
    Accept-Ranges: bytes
    Server: cloudflare
    CF-RAY: 8ff026212a1b63aa-LHR
  • flag-us
    DNS
    developers.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    developers.google.com
    IN A
    Response
    developers.google.com
    IN A
    142.250.200.14
  • flag-us
    DNS
    s4.histats.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s4.histats.com
    IN A
    Response
    s4.histats.com
    IN A
    54.39.128.162
    s4.histats.com
    IN A
    54.39.156.32
    s4.histats.com
    IN A
    149.56.240.27
    s4.histats.com
    IN A
    149.56.240.132
    s4.histats.com
    IN A
    149.56.240.131
    s4.histats.com
    IN A
    149.56.240.31
    s4.histats.com
    IN A
    149.56.240.130
    s4.histats.com
    IN A
    149.56.240.128
    s4.histats.com
    IN A
    54.39.128.117
    s4.histats.com
    IN A
    142.4.219.198
    s4.histats.com
    IN A
    149.56.240.127
    s4.histats.com
    IN A
    149.56.240.129
    s4.histats.com
    IN A
    158.69.254.144
  • flag-gb
    GET
    http://developers.google.com/
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:80
    Request
    GET / HTTP/1.1
    Accept: */*
    Content-Type: application/x-www-form-urlencoded;charset=utf-8
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: developers.google.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://developers.google.com/
    X-Cloud-Trace-Context: 1d794b2e2f5f264e1e658666cb289d1a
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Content-Type: text/html
    Server: Google Frontend
    Content-Length: 0
  • flag-ca
    GET
    https://s4.histats.com/8005.gif?2263124&@f16&@g0&@h2&@i1&@j1736380844150&@k98&@l2&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:103181007&@b3:1736380844&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w
    IEXPLORE.EXE
    Remote address:
    54.39.128.162:443
    Request
    GET /8005.gif?2263124&@f16&@g0&@h2&@i1&@j1736380844150&@k98&@l2&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:103181007&@b3:1736380844&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s4.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:25 GMT
    Content-Type: image/gif
    Content-Length: 2656
    Connection: close
    Content-Encoding: gzip
    ETag: "2085292598"
    Last-Modified: Thu, 16 Apr 2020 10:44:17 GMT
    Vary: Accept-Encoding
  • flag-ca
    GET
    https://s4.histats.com/stats/2263124.php?2263124&@f16&@g1&@h1&@i1&@j1736380844052&@k0&@l1&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:164451947&@b3:1736380844&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w
    IEXPLORE.EXE
    Remote address:
    54.39.128.162:443
    Request
    GET /stats/2263124.php?2263124&@f16&@g1&@h1&@i1&@j1736380844052&@k0&@l1&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:164451947&@b3:1736380844&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: s4.histats.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:25 GMT
    Content-Type: text/html;charset=UTF-8
    Content-Length: 377
    Connection: close
  • flag-us
    GET
    https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:443
    Request
    GET /embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: chatroll.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Thu, 09 Jan 2025 00:00:47 GMT
    Content-Type: text/html;charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Set-Cookie: JSESSIONID=18ow9iy2tlquv1o5iy502n5pd51551846; Path=/; Secure; SameSite=None; Domain=chatroll.com
    Expires: Thu, 09 Jan 2025 00:00:46 GMT
    Set-Cookie: __ctma=oqXCJCDhkWG; Path=/; Secure; SameSite=None; Expires=Sat, 09-Jan-2027 00:00:47 GMT; Max-Age=63072000
    P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
    Content-Language: en-US
    Cache-Control: no-cache
    Content-Encoding: gzip
  • flag-us
    GET
    https://chatroll.com/t.gif
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:443
    Request
    GET /t.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: chatroll.com
    Connection: Keep-Alive
    Cookie: JSESSIONID=18ow9iy2tlquv1o5iy502n5pd51551846; __ctma=oqXCJCDhkWG
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Thu, 09 Jan 2025 00:00:47 GMT
    Content-Type: image/gif
    Content-Length: 43
    Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
    Connection: keep-alive
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
  • flag-us
    GET
    https://chatroll.com/service/engine.js;jsessionid=18ow9iy2tlquv1o5iy502n5pd51551846
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:443
    Request
    GET /service/engine.js;jsessionid=18ow9iy2tlquv1o5iy502n5pd51551846 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: chatroll.com
    Connection: Keep-Alive
    Cookie: JSESSIONID=18ow9iy2tlquv1o5iy502n5pd51551846; __ctma=oqXCJCDhkWG
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Thu, 09 Jan 2025 00:00:48 GMT
    Content-Type: text/javascript;charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Pragma: public
    Expires: Thu, 09 Jan 2025 00:00:47 GMT
    Cache-Control: no-cache
    Last-Modified: Fri, 13 Dec 2024 15:16:58 GMT
    ETag: W/"1734103018000"
    Content-Encoding: gzip
  • flag-us
    POST
    https://chatroll.com/service/call/plaincall/ServiceInterface.connect.req
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:443
    Request
    POST /service/call/plaincall/ServiceInterface.connect.req HTTP/1.1
    Accept: */*
    Content-Type: text/plain
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: chatroll.com
    Content-Length: 2047
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: JSESSIONID=18ow9iy2tlquv1o5iy502n5pd51551846; __ctma=oqXCJCDhkWG
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Thu, 09 Jan 2025 00:00:48 GMT
    Content-Type: text/javascript;charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 09 Jan 2025 00:00:47 GMT
    Cache-Control: no-cache
    Content-Encoding: gzip
  • flag-us
    GET
    https://chatroll.com/push/D574BB92F0091ED2E9CEA0703887436A299/iframe/D574BB92F0091ED2E9CEA0703887436A299.b5?nc=1736380846901
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:443
    Request
    GET /push/D574BB92F0091ED2E9CEA0703887436A299/iframe/D574BB92F0091ED2E9CEA0703887436A299.b5?nc=1736380846901 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: chatroll.com
    Connection: Keep-Alive
    Cookie: JSESSIONID=18ow9iy2tlquv1o5iy502n5pd51551846; __ctma=oqXCJCDhkWG
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:49 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: Apache
    Cache-Control: no-store, no-cache
    Pragma: no-cache
  • flag-us
    DNS
    lh3.ggpht.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh3.ggpht.com
    IN A
    Response
    lh3.ggpht.com
    IN CNAME
    photos-ugc.l.googleusercontent.com
    photos-ugc.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-gb
    GET
    http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET /_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.ggpht.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: image/png
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Server: fife
    Content-Length: 915
    X-XSS-Protection: 0
  • flag-gb
    GET
    https://developers.google.com/
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET / HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Connection: Keep-Alive
    Host: developers.google.com
    Response
    HTTP/1.1 200 OK
    Last-Modified: Wed, 18 Dec 2024 17:27:54 GMT
    Content-Type: text/html; charset=utf-8
    Vary: Cookie
    Vary: Accept-Encoding
    Content-Security-Policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-4Z/9bTlx2vySindH4wCvdcczg8uQoA' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
    Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 0
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, must-revalidate
    Expires: 0
    Pragma: no-cache
    Content-Encoding: gzip
    X-Cloud-Trace-Context: 5e1277653575415f8a9dc4c698c0c517
    Date: Thu, 09 Jan 2025 00:00:47 GMT
    Server: Google Frontend
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    ocsp.r2m03.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m03.amazontrust.com
    IN A
    Response
    ocsp.r2m03.amazontrust.com
    IN A
    13.249.8.192
  • flag-us
    DNS
    ocsp.r2m02.amazontrust.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ocsp.r2m02.amazontrust.com
    IN A
    Response
    ocsp.r2m02.amazontrust.com
    IN A
    13.249.8.192
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D
    IEXPLORE.EXE
    Remote address:
    13.249.8.192:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Last-Modified: Wed, 08 Jan 2025 23:42:51 GMT
    Server: ECAcc (paa/6F16)
    X-Cache: Miss from cloudfront
    Via: 1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG53-C1
    X-Amz-Cf-Id: Jlv7WXY3ag6nAKMCslb-pbR1g_JTGh9zM0_s6LDIY9OSG2YOBUqT1w==
    Age: 1075
  • flag-fr
    GET
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D
    IEXPLORE.EXE
    Remote address:
    13.249.8.192:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m03.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Last-Modified: Wed, 08 Jan 2025 23:42:51 GMT
    Server: ECAcc (paa/6F16)
    X-Cache: Hit from cloudfront
    Via: 1.1 bbfe794cf908362a338386171e1a8caa.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG53-C1
    X-Amz-Cf-Id: la7JSn8WaNQhGjL_ImaQqihOVI3ztoVeCxsmQYDxqHPS4FscIR5Now==
    Age: 1075
  • flag-fr
    GET
    http://ocsp.r2m02.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAKReGgg%2B%2BXxXhcXq%2FRGrf0%3D
    IEXPLORE.EXE
    Remote address:
    13.249.8.192:80
    Request
    GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAKReGgg%2B%2BXxXhcXq%2FRGrf0%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: ocsp.r2m02.amazontrust.com
    Response
    HTTP/1.1 200 OK
    Content-Type: application/ocsp-response
    Content-Length: 471
    Connection: keep-alive
    Accept-Ranges: bytes
    Cache-Control: max-age=7200
    Date: Wed, 08 Jan 2025 23:55:36 GMT
    Last-Modified: Wed, 08 Jan 2025 22:27:27 GMT
    Server: ECAcc (paa/6F53)
    X-Cache: Hit from cloudfront
    Via: 1.1 c07320a6bd3c3139ec09f5dbe085c0ee.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG53-C1
    X-Amz-Cf-Id: GtRPlueSK1TtSiFViKeZvUlMHrAgJfS7oZ5uDSApGwDHJ9PUArQSRA==
    Age: 5599
  • flag-us
    DNS
    r11.o.lencr.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    r11.o.lencr.org
    IN A
    Response
    r11.o.lencr.org
    IN CNAME
    o.lencr.edgesuite.net
    o.lencr.edgesuite.net
    IN CNAME
    a1887.dscq.akamai.net
    a1887.dscq.akamai.net
    IN A
    2.18.190.203
    a1887.dscq.akamai.net
    IN A
    2.18.190.211
  • flag-us
    DNS
    r11.o.lencr.org
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    r11.o.lencr.org
    IN A
    Response
    r11.o.lencr.org
    IN CNAME
    o.lencr.edgesuite.net
    o.lencr.edgesuite.net
    IN CNAME
    a1887.dscq.akamai.net
    a1887.dscq.akamai.net
    IN A
    2.18.190.211
    a1887.dscq.akamai.net
    IN A
    2.18.190.203
  • flag-gb
    GET
    http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D
    IEXPLORE.EXE
    Remote address:
    2.18.190.203:80
    Request
    GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: r11.o.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/ocsp-response
    Content-Length: 504
    ETag: "ADFF2A588875BB039DC855774A9A4A5F3B1130E9FBFB9D015310833D9DBF0194"
    Last-Modified: Tue, 07 Jan 2025 20:52:00 UTC
    Cache-Control: public, no-transform, must-revalidate, max-age=9932
    Expires: Thu, 09 Jan 2025 02:46:18 GMT
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Connection: keep-alive
  • flag-gb
    GET
    http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTEfEJQqx2pspw4N1nMaBtDiA%3D%3D
    IEXPLORE.EXE
    Remote address:
    2.18.190.203:80
    Request
    GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTEfEJQqx2pspw4N1nMaBtDiA%3D%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: r11.o.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/ocsp-response
    Content-Length: 504
    ETag: "9697C4E392F29D1D37A7430CDA49C85E90B27F63E5C215FC13ACC68188F5EA02"
    Last-Modified: Wed, 08 Jan 2025 11:36:00 UTC
    Cache-Control: public, no-transform, must-revalidate, max-age=17138
    Expires: Thu, 09 Jan 2025 04:46:25 GMT
    Date: Thu, 09 Jan 2025 00:00:47 GMT
    Connection: keep-alive
  • flag-gb
    GET
    http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D
    IEXPLORE.EXE
    Remote address:
    2.18.190.211:80
    Request
    GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: r11.o.lencr.org
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/ocsp-response
    Content-Length: 504
    ETag: "ADFF2A588875BB039DC855774A9A4A5F3B1130E9FBFB9D015310833D9DBF0194"
    Last-Modified: Tue, 07 Jan 2025 20:52:00 UTC
    Cache-Control: public, no-transform, must-revalidate, max-age=9921
    Expires: Thu, 09 Jan 2025 02:46:07 GMT
    Date: Thu, 09 Jan 2025 00:00:46 GMT
    Connection: keep-alive
  • flag-us
    DNS
    dw3mgzt87vzb4.cloudfront.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    dw3mgzt87vzb4.cloudfront.net
    IN A
    Response
    dw3mgzt87vzb4.cloudfront.net
    IN A
    3.165.112.107
    dw3mgzt87vzb4.cloudfront.net
    IN A
    3.165.112.155
    dw3mgzt87vzb4.cloudfront.net
    IN A
    3.165.112.6
    dw3mgzt87vzb4.cloudfront.net
    IN A
    3.165.112.159
  • flag-fr
    GET
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/embed/cached/embed.css
    IEXPLORE.EXE
    Remote address:
    3.165.112.107:443
    Request
    GET /client/eedb7e73/embed/cached/embed.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: dw3mgzt87vzb4.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Tue, 17 Dec 2024 03:15:01 GMT
    Last-Modified: Fri, 13 Dec 2024 14:57:26 GMT
    ETag: W/"675c4b56-503"
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    Access-Control-Allow-Origin: https://chatroll.com
    Content-Encoding: gzip
    X-Cache: Hit from cloudfront
    Via: 1.1 615aa04bf9a7e415208a596e4a0a8c28.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P3
    X-Amz-Cf-Id: A6M-jhEb9-_i7TK-Ncz3NYfj5sZz2XDZQ7O1I5Kbk75-2ii6blBsaA==
    Age: 1975547
  • flag-fr
    GET
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.js
    IEXPLORE.EXE
    Remote address:
    3.165.112.107:443
    Request
    GET /client/eedb7e73/module/cached/module.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: dw3mgzt87vzb4.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: application/x-javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Fri, 13 Dec 2024 14:58:38 GMT
    Last-Modified: Fri, 13 Dec 2024 14:57:27 GMT
    ETag: W/"675c4b57-6cd78"
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    Access-Control-Allow-Origin: https://chatroll.com
    Content-Encoding: gzip
    X-Cache: Hit from cloudfront
    Via: 1.1 615aa04bf9a7e415208a596e4a0a8c28.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P3
    X-Amz-Cf-Id: DDsAXTMy_7Udd8AS2h1dY5plijQYzMVWww0ph1LS2tjp1g6wLv17RQ==
    Age: 2278930
  • flag-fr
    GET
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/init.js
    IEXPLORE.EXE
    Remote address:
    3.165.112.107:443
    Request
    GET /client/eedb7e73/init.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: dw3mgzt87vzb4.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: application/x-javascript
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Fri, 13 Dec 2024 14:58:38 GMT
    Last-Modified: Fri, 13 Dec 2024 14:57:25 GMT
    ETag: W/"675c4b55-bf7"
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    Access-Control-Allow-Origin: https://chatroll.com
    Content-Encoding: gzip
    X-Cache: Hit from cloudfront
    Via: 1.1 fa9dd24b650966cfb9dd89acf1096006.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P3
    X-Amz-Cf-Id: vXH7ChbadCxzhLDxCWltScWZ1uaP3Ib1ysgAMTUDnuFZ47WnizMjZw==
    Age: 2278930
  • flag-fr
    GET
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.css
    IEXPLORE.EXE
    Remote address:
    3.165.112.107:443
    Request
    GET /client/eedb7e73/module/cached/module.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: dw3mgzt87vzb4.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Fri, 20 Dec 2024 02:43:31 GMT
    Last-Modified: Fri, 13 Dec 2024 14:57:26 GMT
    ETag: W/"675c4b56-419a"
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    Access-Control-Allow-Origin: https://chatroll.com
    Content-Encoding: gzip
    X-Cache: Hit from cloudfront
    Via: 1.1 c638953b8f2f5aaf22f3f10794d5aeac.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P3
    X-Amz-Cf-Id: bFeDMrHw_I0IMdJowTAr8isEJKoZNGBOK9umunE-4Q99xP2POjD7Qg==
    Age: 1718237
  • flag-fr
    GET
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.png
    IEXPLORE.EXE
    Remote address:
    3.165.112.107:443
    Request
    GET /client/eedb7e73/module/cached/module.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: dw3mgzt87vzb4.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Content-Length: 19656
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Fri, 13 Dec 2024 14:58:38 GMT
    Last-Modified: Fri, 13 Dec 2024 14:57:26 GMT
    ETag: "675c4b56-4cc8"
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    Access-Control-Allow-Origin: https://chatroll.com
    Accept-Ranges: bytes
    X-Cache: Hit from cloudfront
    Via: 1.1 c638953b8f2f5aaf22f3f10794d5aeac.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P3
    X-Amz-Cf-Id: T2dzwD0aKw5sW9I2vT0dL-nUo5oWqbwnGxqjYOGmfICahZROShMK7g==
    Age: 2278930
  • flag-us
    DNS
    www.scri8e.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.scri8e.com
    IN A
    Response
    www.scri8e.com
    IN A
    208.87.227.250
  • flag-us
    GET
    http://www.scri8e.com/white.gif
    IEXPLORE.EXE
    Remote address:
    208.87.227.250:80
    Request
    GET /white.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.scri8e.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 09 Jan 2025 00:00:48 GMT
    Server: Apache/2.2.3 (CentOS)
    Last-Modified: Wed, 17 Jan 2007 08:13:09 GMT
    ETag: "11ad02a-284-c8c0f40"
    Accept-Ranges: bytes
    Content-Length: 644
    Connection: close
    Content-Type: image/gif
  • flag-us
    DNS
    connect.facebook.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    connect.facebook.net
    IN A
    Response
    connect.facebook.net
    IN CNAME
    scontent.xx.fbcdn.net
    scontent.xx.fbcdn.net
    IN A
    163.70.128.23
  • flag-fr
    GET
    https://connect.facebook.net/en_US/sdk.js
    IEXPLORE.EXE
    Remote address:
    163.70.128.23:443
    Request
    GET /en_US/sdk.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: connect.facebook.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Access-Control-Expose-Headers: X-FB-Content-MD5
    x-fb-content-md5: 91070725723d14ed4a936b63a59989ab
    ETag: "1ea8d7780b25eb96528b7b365798426a"
    Content-Type: application/x-javascript; charset=utf-8
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Expires: Thu, 09 Jan 2025 00:07:49 GMT
    Cache-Control: public,max-age=1200,stale-while-revalidate=3600
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    X-Frame-Options: DENY
    origin-agent-cluster: ?1
    Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
    content-md5: 5OClgOYJDrSFp5iczkbmfQ==
    X-FB-Debug: owj2+Ga18XoSXXb3e6YU7+Gf1Qjwd5Aa3Fqof76f9E8/bYzFO50M4f7LcB5ERhddF2BBnnw5yER2d+624sDibQ==
    Date: Thu, 09 Jan 2025 00:00:49 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=54, rtx=1, c=15, mss=1357, tbw=3223, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1689
  • flag-fr
    GET
    https://connect.facebook.net/en_US/sdk.js?hash=cf3542434eb4649eee1864894124414f
    IEXPLORE.EXE
    Remote address:
    163.70.128.23:443
    Request
    GET /en_US/sdk.js?hash=cf3542434eb4649eee1864894124414f HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: connect.facebook.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Access-Control-Expose-Headers: X-FB-Content-MD5
    x-fb-content-md5: bd8f906c33afafabd966738316edf62a
    ETag: "73be11966141a41e9880dcb98f94acec"
    Content-Type: application/x-javascript; charset=utf-8
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Expires: Thu, 08 Jan 2026 23:20:49 GMT
    Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    X-Frame-Options: DENY
    origin-agent-cluster: ?1
    Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
    content-md5: iq+5yElUEGUV6KHK9Fa7tQ==
    X-FB-Debug: FnRxKeJe8PDvX2kWFzY+vJzpPmewI4TL/Tyz9r88FhO6TLsEYT7boCvfFuMx+8moSyC9nGO8+J4J5j5JNN1wqQ==
    Date: Thu, 09 Jan 2025 00:00:49 GMT
    X-FB-Connection-Quality: GOOD; q=0.7, rtt=53, rtx=1, c=19, mss=1357, tbw=7759, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 76642
  • flag-fr
    GET
    https://connect.facebook.net/en_US/all.js
    IEXPLORE.EXE
    Remote address:
    163.70.128.23:443
    Request
    GET /en_US/all.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: connect.facebook.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Access-Control-Expose-Headers: X-FB-Content-MD5
    x-fb-content-md5: 4e09b86a0ff1648c90299e47b2ce3f2b
    ETag: "0de6b02dc21be22b8ea7837c05ac5493"
    Content-Type: application/x-javascript; charset=utf-8
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Expires: Thu, 09 Jan 2025 00:12:07 GMT
    Cache-Control: public,max-age=1200,stale-while-revalidate=3600
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    X-Frame-Options: DENY
    origin-agent-cluster: ?1
    Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
    content-md5: P2PT+B193EbyOzG2dvHoVQ==
    X-FB-Debug: qguMWfvSAe17uwd7qVSUSm9prV24FZWFkk4jqip8wNwZRH8ALR8hT83H6IOKJFKW2vOWN9rPjPr/c8r2iBHjew==
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=49, rtx=2, c=78, mss=1357, tbw=87611, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 1686
  • flag-fr
    GET
    https://connect.facebook.net/en_US/all.js?hash=97c9e52f7900dcfc1673b727c0d6ed56
    IEXPLORE.EXE
    Remote address:
    163.70.128.23:443
    Request
    GET /en_US/all.js?hash=97c9e52f7900dcfc1673b727c0d6ed56 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: connect.facebook.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Access-Control-Expose-Headers: X-FB-Content-MD5
    x-fb-content-md5: af7ab97b2725a1445ea90dcfe6949baa
    ETag: "2cce6e3bc80c5fd6c6962a09844d3046"
    Content-Type: application/x-javascript; charset=utf-8
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Expires: Thu, 08 Jan 2026 23:28:46 GMT
    Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    X-Frame-Options: DENY
    origin-agent-cluster: ?1
    Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
    content-md5: 1b9PCdNKRaTZgoVSjCc+QQ==
    X-FB-Debug: wlVvVPcOPa/+eJ1peFxCCwLZUA8hxlIXZX2BFcKpCl6CiTe6JhQMWRvt4ig5Ru2Lj3/ETJHc7nM/yvRAENXyfA==
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=48, rtx=2, c=84, mss=1357, tbw=92150, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 74780
  • flag-fr
    GET
    https://connect.facebook.net/en_US/all.js
    IEXPLORE.EXE
    Remote address:
    163.70.128.23:443
    Request
    GET /en_US/all.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: connect.facebook.net
    If-None-Match: "0de6b02dc21be22b8ea7837c05ac5493"
    Connection: Keep-Alive
    Response
    HTTP/1.1 304 Not Modified
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Access-Control-Expose-Headers: X-FB-Content-MD5
    x-fb-content-md5: 4e09b86a0ff1648c90299e47b2ce3f2b
    ETag: "0de6b02dc21be22b8ea7837c05ac5493"
    Content-Type: application/x-javascript; charset=utf-8
    timing-allow-origin: *
    Access-Control-Allow-Origin: *
    Expires: Thu, 09 Jan 2025 00:12:07 GMT
    Cache-Control: public,max-age=1200,stale-while-revalidate=3600
    reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
    cross-origin-opener-policy: same-origin-allow-popups
    X-Content-Type-Options: nosniff
    report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    X-Frame-Options: DENY
    origin-agent-cluster: ?1
    Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
    content-md5: P2PT+B193EbyOzG2dvHoVQ==
    X-FB-Debug: qguMWfvSAe17uwd7qVSUSm9prV24FZWFkk4jqip8wNwZRH8ALR8hT83H6IOKJFKW2vOWN9rPjPr/c8r2iBHjew==
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=46, rtx=2, c=112, mss=1357, tbw=170117, tp=-1, tpl=-1, uplat=0, ullat=-1
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
  • flag-us
    DNS
    d167qii8h0pw75.cloudfront.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    d167qii8h0pw75.cloudfront.net
    IN A
    Response
    d167qii8h0pw75.cloudfront.net
    IN A
    52.222.196.33
    d167qii8h0pw75.cloudfront.net
    IN A
    52.222.196.155
    d167qii8h0pw75.cloudfront.net
    IN A
    52.222.196.99
    d167qii8h0pw75.cloudfront.net
    IN A
    52.222.196.209
  • flag-fr
    GET
    https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png
    IEXPLORE.EXE
    Remote address:
    52.222.196.33:443
    Request
    GET /images/D/E/F/DEFAULTUSER-resize_20x20.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: d167qii8h0pw75.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Wed, 01 Jan 2025 21:17:13 GMT
    Location: https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    X-Cache: Hit from cloudfront
    Via: 1.1 5330dca0fb4fc616e3711702aab777a8.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P2
    X-Amz-Cf-Id: a5zKIEh1ENcUW_qEiri1m6xYU4AQeKZnwyzmojf1MtfeW15O5Kx-iA==
    Age: 614616
  • flag-fr
    GET
    https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg
    IEXPLORE.EXE
    Remote address:
    52.222.196.33:443
    Request
    GET /images/D/E/F/DEFAULTUSER-resize_20x20.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: d167qii8h0pw75.cloudfront.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Content-Type: text/html
    Content-Length: 169
    Connection: keep-alive
    Server: nginx/1.18.0
    Date: Thu, 19 Dec 2024 12:26:11 GMT
    Location: https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg
    Expires: Thu, 31 Dec 2037 23:55:55 GMT
    Cache-Control: max-age=315360000
    X-Cache: Hit from cloudfront
    Via: 1.1 a5d054ec657be0f6c3a94aea7a055e24.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG50-P2
    X-Amz-Cf-Id: zGucc0HKzxeOth7Rr6pi-TyzcAcbBIQN7L1EQ-f39LPF067ZJbMBrQ==
    Age: 1769678
  • flag-us
    DNS
    d33tru5sm6wy0x.cloudfront.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    d33tru5sm6wy0x.cloudfront.net
    IN A
    Response
    d33tru5sm6wy0x.cloudfront.net
    IN A
    18.155.128.195
    d33tru5sm6wy0x.cloudfront.net
    IN A
    18.155.128.189
    d33tru5sm6wy0x.cloudfront.net
    IN A
    18.155.128.187
    d33tru5sm6wy0x.cloudfront.net
    IN A
    18.155.128.12
  • flag-fr
    GET
    https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png
    IEXPLORE.EXE
    Remote address:
    18.155.128.195:443
    Request
    GET /images/D/E/F/DEFAULTUSER-resize_20x20.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Connection: Keep-Alive
    Host: d33tru5sm6wy0x.cloudfront.net
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Content-Length: 470
    Connection: keep-alive
    Last-Modified: Tue, 13 Dec 2016 17:24:31 GMT
    Accept-Ranges: bytes
    Server: AmazonS3
    Date: Wed, 08 Jan 2025 10:07:19 GMT
    ETag: "6ac306fbf7cbd22c0e7d83e0c5e82617"
    X-Cache: Hit from cloudfront
    Via: 1.1 4a03c73f3dcfcfd37ea6a992da6dce06.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P4
    X-Amz-Cf-Id: bZwwmyQUM1YItX9TdhmfwbKR6LqHrKBesL8yUIYxDEHZ0mlHI7zzOA==
    Age: 50011
  • flag-fr
    GET
    https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg
    IEXPLORE.EXE
    Remote address:
    18.155.128.195:443
    Request
    GET /images/D/E/F/DEFAULTUSER-resize_20x20.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Connection: Keep-Alive
    Host: d33tru5sm6wy0x.cloudfront.net
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Content-Length: 415
    Connection: keep-alive
    Date: Wed, 08 Jan 2025 12:24:28 GMT
    Last-Modified: Tue, 13 Dec 2016 17:24:31 GMT
    ETag: "b1627bbd09376cde76fe4dc7f6ff7ea3"
    Accept-Ranges: bytes
    Server: AmazonS3
    X-Cache: Hit from cloudfront
    Via: 1.1 7942de46d7f690659dee238fe5cd2d32.cloudfront.net (CloudFront)
    X-Amz-Cf-Pop: CDG52-P4
    X-Amz-Cf-Id: 5oo1T3x7Gv6jZHiwXgoDE6GeYeJMVUBv-dq4P96YItZ6wXo0RanbBw==
    Age: 41782
  • flag-us
    DNS
    lh4.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh4.googleusercontent.com
    IN A
    Response
    lh4.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    142.250.200.33
  • flag-us
    DNS
    lh6.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lh6.googleusercontent.com
    IN A
    Response
    lh6.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    142.250.200.33
  • flag-gb
    GET
    https://lh4.googleusercontent.com/proxy/GIXx9RzNHSr4iLDX-DY9nggmDdLNxKff7iytSXnLTbZ30Ozqh4v-mI-JK55UPQoijlyLLTPIf2txmmZVXNJXT9I=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /proxy/GIXx9RzNHSr4iLDX-DY9nggmDdLNxKff7iytSXnLTbZ30Ozqh4v-mI-JK55UPQoijlyLLTPIf2txmmZVXNJXT9I=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh4.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Fri, 10 Jan 2025 00:00:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: attachment;filename="unnamed.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:50 GMT
    Server: fife
    Content-Length: 428
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh6.googleusercontent.com/proxy/0Sqj0vC_8KuXI_QN2Zy60ifEtVelcuXJxq286gr1nxXXXWL8AYz0tVlyyEldLEwHesBnaQmWQqyZUFzPOtntllfh4f0L=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /proxy/0Sqj0vC_8KuXI_QN2Zy60ifEtVelcuXJxq286gr1nxXXXWL8AYz0tVlyyEldLEwHesBnaQmWQqyZUFzPOtntllfh4f0L=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh6.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Cross-Origin-Resource-Policy: cross-origin
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    Expires: Fri, 10 Jan 2025 00:00:50 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: attachment;filename="unnamed.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:00:50 GMT
    Server: fife
    Content-Length: 428
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh6.googleusercontent.com/-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh6.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: image/png
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Server: fife
    Content-Length: 928
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    www.facebook.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.facebook.com
    IN A
    Response
    www.facebook.com
    IN CNAME
    star-mini.c10r.facebook.com
    star-mini.c10r.facebook.com
    IN A
    163.70.151.35
  • flag-gb
    GET
    https://www.facebook.com/x/oauth/status?client_id=15760828052&input_token&origin=1&redirect_uri=https%3A%2F%2Fchatroll.com%2Fembed%2Fchat%2Fgfa-pro%3Fid%3D9rJ9r33KRKA%26platform%3Dblogger%26w%3D%240&sdk=joey&wants_cookie_data=true
    IEXPLORE.EXE
    Remote address:
    163.70.151.35:443
    Request
    GET /x/oauth/status?client_id=15760828052&input_token&origin=1&redirect_uri=https%3A%2F%2Fchatroll.com%2Fembed%2Fchat%2Fgfa-pro%3Fid%3D9rJ9r33KRKA%26platform%3Dblogger%26w%3D%240&sdk=joey&wants_cookie_data=true HTTP/1.1
    Accept: */*
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.facebook.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/plain; charset=UTF-8
    Access-Control-Expose-Headers: fb-s
    Access-Control-Allow-Credentials: true
    Access-Control-Allow-Origin:
    fb-s: unknown
    fb-error-description: "HTTP Origin header missing."
    reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7457698964669320515", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
    document-policy: force-load-at-top
    permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
    cross-origin-resource-policy: cross-origin
    Pragma: no-cache
    Cache-Control: private, no-cache, no-store, must-revalidate
    Expires: Sat, 01 Jan 2000 00:00:00 GMT
    X-Content-Type-Options: nosniff
    report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7457698964669320515"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
    origin-agent-cluster: ?1
    Strict-Transport-Security: max-age=15552000; preload
    X-FB-Debug: TGLqDbCgV5pWQ9I+GbbYsjbXn7CgnC49c2OzQxzxpu/Rkw6bUnUdLZRBdEGVtx8ng0/eX+z8G70k/kjjOiwCPQ==
    Date: Thu, 09 Jan 2025 00:00:50 GMT
    X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1357, tbw=3221, tp=-1, tpl=-1, uplat=22, ullat=0
    Alt-Svc: h3=":443"; ma=86400
    Connection: keep-alive
    Content-Length: 0
  • flag-us
    DNS
    www.microsoft.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.microsoft.com
    IN A
    Response
    www.microsoft.com
    IN CNAME
    www.microsoft.com-c-3.edgekey.net
    www.microsoft.com-c-3.edgekey.net
    IN CNAME
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
    IN CNAME
    e13678.dscb.akamaiedge.net
    e13678.dscb.akamaiedge.net
    IN A
    92.123.241.137
  • flag-gb
    GET
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    Remote address:
    92.123.241.137:80
    Request
    GET /pkiops/crl/MicCodSigPCA2011_2011-07-08.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Sun, 18 Aug 2024 00:23:49 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: www.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1078
    Content-Type: application/octet-stream
    Content-MD5: PjrtHAukbJio72s77Ag5mA==
    Last-Modified: Thu, 31 Oct 2024 23:26:09 GMT
    ETag: 0x8DCFA0366D6C4CA
    x-ms-request-id: 23d8bd9a-501e-0045-2bee-2b8209000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Thu, 09 Jan 2025 00:01:16 GMT
    Connection: keep-alive
    TLS_version: UNKNOWN
    ms-cv: CASMicrosoftCV176c76db.0
    ms-cv-esi: CASMicrosoftCV176c76db.0
    X-RTag: RT
  • flag-us
    DNS
    crl.microsoft.com
    Remote address:
    8.8.8.8:53
    Request
    crl.microsoft.com
    IN A
    Response
    crl.microsoft.com
    IN CNAME
    crl.www.ms.akadns.net
    crl.www.ms.akadns.net
    IN CNAME
    a1363.dscg.akamai.net
    a1363.dscg.akamai.net
    IN A
    2.19.117.22
    a1363.dscg.akamai.net
    IN A
    2.19.117.18
  • flag-gb
    GET
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    Remote address:
    2.19.117.22:80
    Request
    GET /pki/crl/products/MicRooCerAut2011_2011_03_22.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 26 Sep 2024 02:21:11 GMT
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: crl.microsoft.com
    Response
    HTTP/1.1 200 OK
    Content-Length: 1036
    Content-Type: application/octet-stream
    Content-MD5: +oTkvMkqpdtzWrUHEQQM3g==
    Last-Modified: Thu, 12 Dec 2024 00:06:56 GMT
    ETag: 0x8DD1A40E476D877
    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
    x-ms-request-id: 34cf8d72-601e-004e-4135-4c7962000000
    x-ms-version: 2009-09-19
    x-ms-lease-status: unlocked
    x-ms-blob-type: BlockBlob
    Date: Thu, 09 Jan 2025 00:01:16 GMT
    Connection: keep-alive
  • flag-us
    POST
    https://chatroll.com/service/call/plaincall/ServiceInterface.disconnect.req
    IEXPLORE.EXE
    Remote address:
    169.47.242.252:443
    Request
    POST /service/call/plaincall/ServiceInterface.disconnect.req HTTP/1.1
    Accept: */*
    Content-Type: text/plain
    Referer: https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: chatroll.com
    Content-Length: 248
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: JSESSIONID=18ow9iy2tlquv1o5iy502n5pd51551846; __ctma=oqXCJCDhkWG
    Response
    HTTP/1.1 200 OK
    Server: nginx/1.18.0
    Date: Thu, 09 Jan 2025 00:01:22 GMT
    Content-Type: text/javascript;charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Expires: Thu, 09 Jan 2025 00:01:21 GMT
    Cache-Control: no-cache
    Content-Encoding: gzip
  • flag-us
    DNS
    damncok.blogspot.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    damncok.blogspot.com
    IN A
    Response
    damncok.blogspot.com
    IN CNAME
    blogspot.l.googleusercontent.com
    blogspot.l.googleusercontent.com
    IN A
    172.217.16.225
  • flag-gb
    GET
    http://damncok.blogspot.com/
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:80
    Request
    GET / HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 301 Moved Permanently
    Location: https://damncok.blogspot.com/
    Content-Type: text/html; charset=UTF-8
    Content-Encoding: gzip
    Date: Thu, 09 Jan 2025 00:01:22 GMT
    Expires: Thu, 09 Jan 2025 00:01:22 GMT
    Cache-Control: private, max-age=0
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    Content-Security-Policy: frame-ancestors 'self'
    X-XSS-Protection: 1; mode=block
    Content-Length: 195
    Server: GSE
  • flag-gb
    GET
    https://damncok.blogspot.com/
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET / HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=UTF-8
    Expires: Thu, 09 Jan 2025 00:01:23 GMT
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Cache-Control: private, max-age=0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    ETag: W/"af9e04ce5e649a55de5be1d4b59836922850f538ec5bdefbd69939adf5817fbb"
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/default/-/Profil?orderby=updated&alt=json-in-script&callback=labelthumbs
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/default/-/Profil?orderby=updated&alt=json-in-script&callback=labelthumbs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"8ba5e72808e7b8ac3d2684a66f83dfeccb7e4ef85d28796735abc46b2305a738"
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:24 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 6256
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://damncok.blogspot.com/js/cookienotice.js
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /js/cookienotice.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
    Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
    Content-Length: 2026
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Expires: Thu, 16 Jan 2025 00:01:23 GMT
    Cache-Control: public, max-age=604800
    Last-Modified: Wed, 08 Jan 2025 22:07:39 GMT
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://2.bp.blogspot.com/-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 2.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "vb7"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="user.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 841
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://3.bp.blogspot.com/-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: 3.bp.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Access-Control-Expose-Headers: Content-Length
    ETag: "vb8"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="comments.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 569
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/default/-/Download%20MP3?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/default/-/Download%20MP3?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"541e675649de00f4060f149a86a838a40b92cea973c57616f10bbebabce80ff1"
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:24 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 20934
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/default/-/Video%20Clip?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/default/-/Video%20Clip?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999 HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"cf60c9459df5120b1dbaf10acd19a0eb09106bf88aad4e7b0dff9a0a1a23bcc2"
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:24 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 6930
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    blogger.googleusercontent.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    blogger.googleusercontent.com
    IN A
    Response
    blogger.googleusercontent.com
    IN CNAME
    googlehosted.l.googleusercontent.com
    googlehosted.l.googleusercontent.com
    IN A
    142.250.200.33
  • flag-gb
    GET
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_s4yqvcAgwdHRr9AqwjC6zjvOxLbTIX8quKyoQrtbakbzerZcHJUycPwjHOA6bNe9yTbfbMNw2pvQb7S22bT_UTadYYCx5M9SbjpmEbu6YALDw9S4EK2l008mUYHFXm5UM=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /blogger_img_proxy/AEn0k_s4yqvcAgwdHRr9AqwjC6zjvOxLbTIX8quKyoQrtbakbzerZcHJUycPwjHOA6bNe9yTbfbMNw2pvQb7S22bT_UTadYYCx5M9SbjpmEbu6YALDw9S4EK2l008mUYHFXm5UM=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Server: fife
    Content-Length: 1719
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_twFWbmtzkc0DiMcSjNuZDfGPLffRvJFu9d3EVorxZ4d1ODQqtcTA1tMmCXonPsuxzJjOU4vwn9-xOJuafJkeRXFYDBNuAqoR_zGEiIEuuFpEWivVXEr41IqGaIozozGcp_gUn9=s0-d
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /blogger_img_proxy/AEn0k_twFWbmtzkc0DiMcSjNuZDfGPLffRvJFu9d3EVorxZ4d1ODQqtcTA1tMmCXonPsuxzJjOU4vwn9-xOJuafJkeRXFYDBNuAqoR_zGEiIEuuFpEWivVXEr41IqGaIozozGcp_gUn9=s0-d HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: lh3.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Vary: Origin
    Access-Control-Allow-Origin: *
    Timing-Allow-Origin: *
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 1724
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    coepoe.googlecode.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    coepoe.googlecode.com
    IN A
    Response
    coepoe.googlecode.com
    IN CNAME
    googlecode.l.googleusercontent.com
    googlecode.l.googleusercontent.com
    IN A
    64.233.184.82
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/default/-/Download%20MP3?orderby=updated&alt=json-in-script&callback=labelthumbs
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/default/-/Download%20MP3?orderby=updated&alt=json-in-script&callback=labelthumbs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"2fe16fce888fd014d5e11a7fdb61894de04dad34aaed85cf39f7f96280bc9fb3"
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:24 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 15722
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/default/-/Galeri?orderby=updated&alt=json-in-script&callback=labelthumbs
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/default/-/Galeri?orderby=updated&alt=json-in-script&callback=labelthumbs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"0b999763167eb7bfc7b7a0fae20460bf8cdc3978641135b01be6fd688e652671"
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:24 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 11194
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"aedce3c9cb00174585aabcebf3e09f92437f02b8543847d4c58aff1e7b516547"
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:28 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 1639
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://damncok.blogspot.com/favicon.ico
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /favicon.ico HTTP/1.1
    Accept: */*
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/x-icon; charset=UTF-8
    Expires: Thu, 09 Jan 2025 00:01:34 GMT
    Date: Thu, 09 Jan 2025 00:01:34 GMT
    Cache-Control: private, max-age=86400
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    ETag: W/"af9e04ce5e649a55de5be1d4b59836922850f538ec5bdefbd69939adf5817fbb"
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://damncok.blogspot.com/feeds/posts/default/-/Video%20Clip?orderby=updated&alt=json-in-script&callback=labelthumbs
    IEXPLORE.EXE
    Remote address:
    172.217.16.225:443
    Request
    GET /feeds/posts/default/-/Video%20Clip?orderby=updated&alt=json-in-script&callback=labelthumbs HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: damncok.blogspot.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Cross-Origin-Resource-Policy: cross-origin
    ETag: W/"b87d95fd60edc934b6001f9734c1c5d4d520327f54f1bec21884e3b1197e63bf"
    Date: Thu, 09 Jan 2025 00:01:23 GMT
    Content-Type: text/javascript; charset=UTF-8
    Server: blogger-renderd
    Expires: Thu, 09 Jan 2025 00:01:24 GMT
    Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
    X-Content-Type-Options: nosniff
    X-XSS-Protection: 0
    Last-Modified: Fri, 08 Nov 2024 15:41:35 GMT
    Content-Encoding: gzip
    Content-Length: 6901
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    nwidget.networkedblogs.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    nwidget.networkedblogs.com
    IN A
    Response
  • flag-us
    DNS
    s7.addthis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    s7.addthis.com
    IN A
    Response
  • flag-us
    DNS
    fbcdn-sphotos-d-a.akamaihd.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fbcdn-sphotos-d-a.akamaihd.net
    IN A
    Response
    fbcdn-sphotos-d-a.akamaihd.net
    IN CNAME
    fbcdn-sphotos-d-a.akamaihd.net.edgesuite.net
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGwb1PvT9q73iFDWzhQtrAGkxUIHM7t5K_InUGGPGmjcgszU3ht42mL3djb6tx2-d9_EHOeG0rKE5o7JXelMcrLpVdoZB1MHt8BsbEYao-NZVSNpL65EiH6lxO4BmYwoBUXgD318kWARhq/s0/twitter.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEiGwb1PvT9q73iFDWzhQtrAGkxUIHM7t5K_InUGGPGmjcgszU3ht42mL3djb6tx2-d9_EHOeG0rKE5o7JXelMcrLpVdoZB1MHt8BsbEYao-NZVSNpL65EiH6lxO4BmYwoBUXgD318kWARhq/s0/twitter.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1531"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="twitter.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 1269
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwQRXlN7vL6DcBhLtpAXUT6mgAxABsrGuxftPvQDLUOnXhaYJQz6A_8Pm62X3aYKkEfBe8vJYASSQRIpE-0V0QxhFMgW9BF7kQ0fClEhp4DqzWtxlODg2BJ9RO7FiZGZjT8F1v2eTeRQk/s640/Mix-Culture.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjwQRXlN7vL6DcBhLtpAXUT6mgAxABsrGuxftPvQDLUOnXhaYJQz6A_8Pm62X3aYKkEfBe8vJYASSQRIpE-0V0QxhFMgW9BF7kQ0fClEhp4DqzWtxlODg2BJ9RO7FiZGZjT8F1v2eTeRQk/s640/Mix-Culture.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v431"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Mix-Culture.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 143101
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinF733tWwNVgRd5c0e-U0vNrPxbtNTNET9gYhVfg2wRzOttbzXVG4OUiiyKnmLnQMZ41M-v4tuNhDPGJGJEQfZZIn5dXTNFFsQqA4GSrGmyCWSJ6OuYmFJMYdiE3j0g8HROs_6DNXY89rG/s0/twitter.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEinF733tWwNVgRd5c0e-U0vNrPxbtNTNET9gYhVfg2wRzOttbzXVG4OUiiyKnmLnQMZ41M-v4tuNhDPGJGJEQfZZIn5dXTNFFsQqA4GSrGmyCWSJ6OuYmFJMYdiE3j0g8HROs_6DNXY89rG/s0/twitter.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="twitter.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1545
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisEU9Zc2RwcjAxqaFhHxUzeYNbL2qBMSL8dHOIyOgDm5s-DKICXs1GiKOef0i9SMN4PA5_g4KDIOb5S66UZFcEY8gVouYjIqaVGRuzrg6yu-9VRlXQMy6o99Xb00DcLyzHHbzqyItYUAj5/s0/favorites.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEisEU9Zc2RwcjAxqaFhHxUzeYNbL2qBMSL8dHOIyOgDm5s-DKICXs1GiKOef0i9SMN4PA5_g4KDIOb5S66UZFcEY8gVouYjIqaVGRuzrg6yu-9VRlXQMy6o99Xb00DcLyzHHbzqyItYUAj5/s0/favorites.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="favorites.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1590
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0sExHprodzhz_M57g9Es6gHW2wwYP8WEDy13HqFF_ZgpWpUerzZF3zsIdZZ94Xa6UsYWaeL_tvq2UyKRkLBz_-Z7Cf7USu3JU4GR6MvWi_TjH8BMyd-80a8wPlqquB7Y30nqBWcnVJ9eP/s0/search.gif
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEj0sExHprodzhz_M57g9Es6gHW2wwYP8WEDy13HqFF_ZgpWpUerzZF3zsIdZZ94Xa6UsYWaeL_tvq2UyKRkLBz_-Z7Cf7USu3JU4GR6MvWi_TjH8BMyd-80a8wPlqquB7Y30nqBWcnVJ9eP/s0/search.gif HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/gif
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v14d0"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="search.gif"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 571
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaR4-EKz_R28yq3Pwz1c8mDQS6T79m4IVoACVn9z8bGDzBMqVR4TgK05ykzA9Aj0d3uFJ-vGXUVW77Mwl4ayj6mIGgzVuVL3eOdib-tGdB_PcC2uv_00VduJhiE3Hk9gSa8kCfLsEJQoCi/s0/pagenav-seperator.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhaR4-EKz_R28yq3Pwz1c8mDQS6T79m4IVoACVn9z8bGDzBMqVR4TgK05ykzA9Aj0d3uFJ-vGXUVW77Mwl4ayj6mIGgzVuVL3eOdib-tGdB_PcC2uv_00VduJhiE3Hk9gSa8kCfLsEJQoCi/s0/pagenav-seperator.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1531"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="pagenav-seperator.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 208
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzoJmpGUFFmivvaL3cAzNm8BobImrxKsy0Fn5OzwNPsTBIcav5XBJWFuZyIIQ7pkqp_MWKg-jDluMlHudwG8kGpI7Vwh4VIIDdumtssz2iuUJjdJCZuZaGCQBqOfZSW7WkV-QreLFwWLo/s90/LOGO+2012+%25281%2529.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgzoJmpGUFFmivvaL3cAzNm8BobImrxKsy0Fn5OzwNPsTBIcav5XBJWFuZyIIQ7pkqp_MWKg-jDluMlHudwG8kGpI7Vwh4VIIDdumtssz2iuUJjdJCZuZaGCQBqOfZSW7WkV-QreLFwWLo/s90/LOGO+2012+%25281%2529.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v49b"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="LOGO 2012 (1).png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 6721
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTWxc3jeOkTTGxjB0dul5tlrzp7Vor-w8aFoIm9unJll092Tip_xKFVDJ5TTAtMvoaJqLgXfJwsudGj_62YKDUu0aUcTsLKZ57jIRl-_fX_8FktaxIALVjX8t3qHBZvHcDlvUWpfmrQa3U/s0/digg.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjTWxc3jeOkTTGxjB0dul5tlrzp7Vor-w8aFoIm9unJll092Tip_xKFVDJ5TTAtMvoaJqLgXfJwsudGj_62YKDUu0aUcTsLKZ57jIRl-_fX_8FktaxIALVjX8t3qHBZvHcDlvUWpfmrQa3U/s0/digg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="digg.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1597
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnA447-vFzTmT6refOJsT3BJzMDWP9oVR1dUiBiCSdrQFfl9cmkv24EOFiWWMxQZMpLU0Mvj_ZzC5l3npPMsO7Yk00gsp9p3GPXzbU1vNW4o6CXj__PicEeMaS70fUl6oHhK31E8DfF-A/w72-h72-p-k-no-nu/1.JPG
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjnA447-vFzTmT6refOJsT3BJzMDWP9oVR1dUiBiCSdrQFfl9cmkv24EOFiWWMxQZMpLU0Mvj_ZzC5l3npPMsO7Yk00gsp9p3GPXzbU1vNW4o6CXj__PicEeMaS70fUl6oHhK31E8DfF-A/w72-h72-p-k-no-nu/1.JPG HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "vac"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="1.JPG"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 1476
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKT8q68RGwvjSkmVaCIkizUx-5s51qCUYm5LmyNIzYFpDZlBiZin3qi_TdtlaxA4Dps-lULmeS6AUr2yFGOsgYCerfF9w78ToM8Oyghe5IWutRFBv4FHBpBaGda1SDKini9nv_KOWZWTk/s72-c/_DSC6713.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjKT8q68RGwvjSkmVaCIkizUx-5s51qCUYm5LmyNIzYFpDZlBiZin3qi_TdtlaxA4Dps-lULmeS6AUr2yFGOsgYCerfF9w78ToM8Oyghe5IWutRFBv4FHBpBaGda1SDKini9nv_KOWZWTk/s72-c/_DSC6713.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v234"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="_DSC6713.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 4470
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1Mo2f_sVdkPx6xBO7BZ7dOKXBSVBxxreAe6gbvWL4TI8S6Z_9RtxALhVb_e7Ze7DLFm49LQBI-1JpuvaVkyHfTHA7u6M40-sPgELTH1X1LOOsAAerhH1tpxfJEgffbnDdCf50UDHsJjg/s72-c/Jancok+Beat+005.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEh1Mo2f_sVdkPx6xBO7BZ7dOKXBSVBxxreAe6gbvWL4TI8S6Z_9RtxALhVb_e7Ze7DLFm49LQBI-1JpuvaVkyHfTHA7u6M40-sPgELTH1X1LOOsAAerhH1tpxfJEgffbnDdCf50UDHsJjg/s72-c/Jancok+Beat+005.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v61e"
    Expires: Fri, 10 Jan 2025 00:01:28 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Jancok Beat 005.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Server: fife
    Content-Length: 2736
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1Sts3TqJkSwZK477g3oSeNs45LkujYvkYH4bXsxSpZvauqz2pttW3NEZfA2wCYGAy7UBq4tPVOq_01cVxqqalRBXKUDI8e6i8Y6NUL1zLtNHQ6kpkWPQpaWSZISpjaQgONqXQNNtQFQg/s72-c/hi-V+ft+Mickey+&+A.Rehap+-+Ambitious+Boy.wmv_thumbs_%5B2012.09.27_00.37.44%5D.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEh1Sts3TqJkSwZK477g3oSeNs45LkujYvkYH4bXsxSpZvauqz2pttW3NEZfA2wCYGAy7UBq4tPVOq_01cVxqqalRBXKUDI8e6i8Y6NUL1zLtNHQ6kpkWPQpaWSZISpjaQgONqXQNNtQFQg/s72-c/hi-V+ft+Mickey+&+A.Rehap+-+Ambitious+Boy.wmv_thumbs_%5B2012.09.27_00.37.44%5D.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1ed"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="hi-V ft Mickey & A.Rehap - Ambitious Boy.wmv_thumbs_[2012.09.27_00.37.44].jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 4350
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhit1JwWNF_QOcaDyslpAYNO4v0ZqodV5vO1vUyZe8o0RqOrQItcUCLXrKbDNO1Ty_9xcpY6G4PpXGaqeFzxw_95PSjrUAUxgvXvsV3_YHQyIDjnQVITWIY2DbvGyq0tQkY909XQAXw4ejd/s0/fleche2.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhit1JwWNF_QOcaDyslpAYNO4v0ZqodV5vO1vUyZe8o0RqOrQItcUCLXrKbDNO1Ty_9xcpY6G4PpXGaqeFzxw_95PSjrUAUxgvXvsV3_YHQyIDjnQVITWIY2DbvGyq0tQkY909XQAXw4ejd/s0/fleche2.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:30 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="fleche2.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:30 GMT
    Server: fife
    Content-Length: 2940
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    If-None-Match: "v421"
    Connection: Keep-Alive
    Response
    HTTP/1.1 304 Not Modified
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v421"
    Expires: Fri, 10 Jan 2025 00:01:39 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="lyric.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:39 GMT
    Server: fife
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_chIc_oZf5k4XayHNuRwOfrJyHGw67gY1b0kyRIVYw7odrRSKEAtb9a1FfS57sa_rd0w2cXGD5Km8lHBoGwh3bSPLepyw0yX5AXEos5oMQPNFwzWYY2D3AwIo3jAWMfG1JDgQm3RVFGqT/s0/rss.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEg_chIc_oZf5k4XayHNuRwOfrJyHGw67gY1b0kyRIVYw7odrRSKEAtb9a1FfS57sa_rd0w2cXGD5Km8lHBoGwh3bSPLepyw0yX5AXEos5oMQPNFwzWYY2D3AwIo3jAWMfG1JDgQm3RVFGqT/s0/rss.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1531"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="rss.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 2016
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLCRYHKwrCXLkotMjqaplzXsl42MeHKE1Dm5HS0JM4eFFu2OBnZPfXDTH9FpiP9nqxIEOBdyaM8ATQ4mxO37tEG__ukqcq1AqsnnHN3MI5MN2BjIL9A3MhHpe-xSMgBEHt7rhWb_T5-5XC/s0/nav-bg.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgLCRYHKwrCXLkotMjqaplzXsl42MeHKE1Dm5HS0JM4eFFu2OBnZPfXDTH9FpiP9nqxIEOBdyaM8ATQ4mxO37tEG__ukqcq1AqsnnHN3MI5MN2BjIL9A3MhHpe-xSMgBEHt7rhWb_T5-5XC/s0/nav-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1531"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="nav-bg.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 203
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/s1600/logogfa.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/s1600/logogfa.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v56d"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="logogfa.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 6053
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb5MXyfVrfLeLDX0wnmhCTfFPKwniZomAnCGTbpvTAT95YMtocpPIkGNxBKd9V61GeRnZX45YPqyAcrER7LYHElMmHgPyEXdTNnOJsDb5d22lXF0VUTgty7yYTFhpFSVJNHTQcQJsRkw38/s0/facebook.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgb5MXyfVrfLeLDX0wnmhCTfFPKwniZomAnCGTbpvTAT95YMtocpPIkGNxBKd9V61GeRnZX45YPqyAcrER7LYHElMmHgPyEXdTNnOJsDb5d22lXF0VUTgty7yYTFhpFSVJNHTQcQJsRkw38/s0/facebook.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="facebook.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1453
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/w72-h72-p-k-no-nu/logogfa.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/w72-h72-p-k-no-nu/logogfa.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v56d"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="logogfa.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1610
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/s72-c/logogfa.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/s72-c/logogfa.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v56d"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="logogfa.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 1610
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-vhpxL99DXifWv29kMUgS99dqMuSfnF4r4BPnw4Ut_Ua2gjedpvI_Zeli3UIaiAQ1YjfUMEEuQT9GPZt201JhOIPwyKc7PMbCCMjZ8EpeP5zfZc3IqfyZ-PrzkhtAQHEhk2qnRLXySm4/s72-c/IMG_4683.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEh-vhpxL99DXifWv29kMUgS99dqMuSfnF4r4BPnw4Ut_Ua2gjedpvI_Zeli3UIaiAQ1YjfUMEEuQT9GPZt201JhOIPwyKc7PMbCCMjZ8EpeP5zfZc3IqfyZ-PrzkhtAQHEhk2qnRLXySm4/s72-c/IMG_4683.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v22f"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="IMG_4683.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 3092
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtHFs056XesvDpnbqjym2wfJ-RGroJlDLUFamuGwthEZ8llkvjo78yW3r5EQEwEm3oiOtWoXqYXVajCw7WUen3K1M4RGgJeb_pz_nIrG4hTmI26yzF7yZ_T4LICKQQ_G5Wg6afODNjULs/s72-c/601073_366129290119784_1740891671_n.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjtHFs056XesvDpnbqjym2wfJ-RGroJlDLUFamuGwthEZ8llkvjo78yW3r5EQEwEm3oiOtWoXqYXVajCw7WUen3K1M4RGgJeb_pz_nIrG4hTmI26yzF7yZ_T4LICKQQ_G5Wg6afODNjULs/s72-c/601073_366129290119784_1740891671_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v6ed"
    Expires: Fri, 10 Jan 2025 00:01:28 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="601073_366129290119784_1740891671_n.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Server: fife
    Content-Length: 3808
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicmFdm2IHcNbVl37lby1kJqlev3V9_Y0ekJfKka37un4NzmSnGK__IZjmz-QiMhpUPcKIkLNZ63zSZ_9v9d8b98NBbAwqEjc7hiUa4mltQAJgrIzhXmrXnWJBWmsxyU6XXypy72uVhM3c/s72-c/Awdiss+ft+hiv+&+A.Rehap+-+I'm+the+35+(Gfa+Production).wmv_thumbs_%5B2012.06.07_21.04.08%5D.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEicmFdm2IHcNbVl37lby1kJqlev3V9_Y0ekJfKka37un4NzmSnGK__IZjmz-QiMhpUPcKIkLNZ63zSZ_9v9d8b98NBbAwqEjc7hiUa4mltQAJgrIzhXmrXnWJBWmsxyU6XXypy72uVhM3c/s72-c/Awdiss+ft+hiv+&+A.Rehap+-+I'm+the+35+(Gfa+Production).wmv_thumbs_%5B2012.06.07_21.04.08%5D.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1ef"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Awdiss ft hiv & A.Rehap - I'm the 35 (Gfa Production).wmv_thumbs_[2012.06.07_21.04.08].jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 5490
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjacljnkGg1apNLagne4NbpgiChtfqqC-NyX8f42lxD-EItHDp55LyX4V3XlU_SFdf8jO1pfUjYzgfcW0TMQpmkxNtzJo4laTOZHfvMac-AIKrPHOtcagp3bpFsas2fdE4Y5iAHzS85lkg/s1600/543777_122801967881894_1611834920_n.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjacljnkGg1apNLagne4NbpgiChtfqqC-NyX8f42lxD-EItHDp55LyX4V3XlU_SFdf8jO1pfUjYzgfcW0TMQpmkxNtzJo4laTOZHfvMac-AIKrPHOtcagp3bpFsas2fdE4Y5iAHzS85lkg/s1600/543777_122801967881894_1611834920_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v45a"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="543777_122801967881894_1611834920_n.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 59834
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYDWfH3aa4mtWdHUUzz9aYfTlhL4qVOv3LnFWgUkggSRLg2vPhg4LUE3jjo3qxcZgk6KxFoCahicPhi0Pi0mLxnQTdZJBiZgYzWfBlhEbe2SP2M0nLQech68nm5efW_4BNIYMiMLXw8IL_/s0/nav-hover.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjYDWfH3aa4mtWdHUUzz9aYfTlhL4qVOv3LnFWgUkggSRLg2vPhg4LUE3jjo3qxcZgk6KxFoCahicPhi0Pi0mLxnQTdZJBiZgYzWfBlhEbe2SP2M0nLQech68nm5efW_4BNIYMiMLXw8IL_/s0/nav-hover.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1531"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="nav-hover.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 248
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinEmq566cmspi7eGFfO_UXZn8_t65fjroYCG9Id44tAqVIxSjQ11lm23qqEnbYWvp9S65rd77vjAv7X4lslC6QoSX8Xj_PTPK5VTJKq7MGBYVIeOv7rz_rxyqwVJQ9Ezx2uT-sjPT2N2A/s320/860869_373877826052493_1157731708_o.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEinEmq566cmspi7eGFfO_UXZn8_t65fjroYCG9Id44tAqVIxSjQ11lm23qqEnbYWvp9S65rd77vjAv7X4lslC6QoSX8Xj_PTPK5VTJKq7MGBYVIeOv7rz_rxyqwVJQ9Ezx2uT-sjPT2N2A/s320/860869_373877826052493_1157731708_o.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1f7"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="860869_373877826052493_1157731708_o.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 15178
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0x6YmdWqo5tCZYIu7xI6-CYU_WmKnY6kYrcaZPoE2aI-8hVmEJsikklbO4VIoGuQafR5JmLQ-mKl6cXeGlxsC1I3OgMVtvo0uclgxtgcNItiRTRret8uBxKTMEWhIbNvG7zJzVZD7HGvJ/s0/stumbleupon.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEg0x6YmdWqo5tCZYIu7xI6-CYU_WmKnY6kYrcaZPoE2aI-8hVmEJsikklbO4VIoGuQafR5JmLQ-mKl6cXeGlxsC1I3OgMVtvo0uclgxtgcNItiRTRret8uBxKTMEWhIbNvG7zJzVZD7HGvJ/s0/stumbleupon.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="stumbleupon.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 2081
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCHr98aG9ah1qq3vgOQk3Y2ijahFSfr7uEiUR61VU1u1H4DrYdWKzsl0xVYS681e8Z86GnsV0UA_3efFTyDhuYFq3YzKSsGbeX3-AwTz7pfRfuo-eYJCPTlNPTV-UxrDz7rZIF6f1ofU0/s72-c/223990_3578959391255_925619459_n.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgCHr98aG9ah1qq3vgOQk3Y2ijahFSfr7uEiUR61VU1u1H4DrYdWKzsl0xVYS681e8Z86GnsV0UA_3efFTyDhuYFq3YzKSsGbeX3-AwTz7pfRfuo-eYJCPTlNPTV-UxrDz7rZIF6f1ofU0/s72-c/223990_3578959391255_925619459_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1a9"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="223990_3578959391255_925619459_n.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 5377
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSO8_UuZURfw9mfQLhLp5-2mC0MCJkx_StWuvTkO1ZUelJphxTWG9V-PV-I-yJcetwX4b2TdgcYuwxZqcP0nY0i4s8y6blMAyU1IkoMj_lP1S8amoWwsawtTCajCVctFv0YGmT6mYATPU/s72-c/LB_Flow.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjSO8_UuZURfw9mfQLhLp5-2mC0MCJkx_StWuvTkO1ZUelJphxTWG9V-PV-I-yJcetwX4b2TdgcYuwxZqcP0nY0i4s8y6blMAyU1IkoMj_lP1S8amoWwsawtTCajCVctFv0YGmT6mYATPU/s72-c/LB_Flow.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1b1"
    Expires: Fri, 10 Jan 2025 00:01:28 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="LB_Flow.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Server: fife
    Content-Length: 4707
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg24hGlT5xlcdQuv2ekPqtBYrOn2DYDJXnJLUx3W1Y8OHRmmUBhkjOf840ns_UV6JVk8a76Id7zYlii55EEseQ6TgucQAFGrDJaxSE2LiWWYA6vm_Fe54y18FoZD7miFcTRKNjgcIcPWP-m/
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEg24hGlT5xlcdQuv2ekPqtBYrOn2DYDJXnJLUx3W1Y8OHRmmUBhkjOf840ns_UV6JVk8a76Id7zYlii55EEseQ6TgucQAFGrDJaxSE2LiWWYA6vm_Fe54y18FoZD7miFcTRKNjgcIcPWP-m/ HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v70"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="noimage.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 2546
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v421"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="lyric.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 173214
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiesjVwaV1NxoYBTLwe62s6seaYf43Y_stFACD4mKUt-idP84Sa5vwQnXO1_k2SWdQaOYItRtfM9pHkAzBqwv0tJ-1LbbucJa3RoGrIriTrD1_wJ8u2nHT-ZVkQOLM8bo6Q49ME78uQVck/s640/Desain.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEiesjVwaV1NxoYBTLwe62s6seaYf43Y_stFACD4mKUt-idP84Sa5vwQnXO1_k2SWdQaOYItRtfM9pHkAzBqwv0tJ-1LbbucJa3RoGrIriTrD1_wJ8u2nHT-ZVkQOLM8bo6Q49ME78uQVck/s640/Desain.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v439"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Desain.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 97524
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgo9PJSco70Bd4Abi8kUzX7oG5r4Zd5NNPARnhD36rv6vI__oGYHdxHDi-Pg_RMgG6phib0sFPdwOacnc_-3Lc0TEsgE61Fpe8pynZl9H_1G3H3qWm2by5S-_RtP2iBh-_YX9W1H83Za0Pn/s90/553764_481897048520709_306664410_n.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgo9PJSco70Bd4Abi8kUzX7oG5r4Zd5NNPARnhD36rv6vI__oGYHdxHDi-Pg_RMgG6phib0sFPdwOacnc_-3Lc0TEsgE61Fpe8pynZl9H_1G3H3qWm2by5S-_RtP2iBh-_YX9W1H83Za0Pn/s90/553764_481897048520709_306664410_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v116"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="553764_481897048520709_306664410_n.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 2790
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSBMD1Ugmv_AXj_zmQpgKE5HXWRL1MycJVazGMyxDFu7hUUxSqTVAIz870XHKxHNClexkVODVrUNf1mPCq2wPRPu2cmmPU0C9NqnrjBRsAmME2hTrxQDyuzW4i4vKAFBIJp027jqHSqpvq/s0/more.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEiSBMD1Ugmv_AXj_zmQpgKE5HXWRL1MycJVazGMyxDFu7hUUxSqTVAIz870XHKxHNClexkVODVrUNf1mPCq2wPRPu2cmmPU0C9NqnrjBRsAmME2hTrxQDyuzW4i4vKAFBIJp027jqHSqpvq/s0/more.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="more.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1492
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghp3-foulrQhogzhGSIohS2Z3f61aWWL4Qzxx5q83JPDyhIvp817Sk5gUAmpCMSP2fBZM0aKvxhT3KW1OcxLWvFdWqkkRROJ5qTKVdVIEcyt_DnVnkMRMxIa75R675p64npndW0xBKJpo/s1600/Video-Clip.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEghp3-foulrQhogzhGSIohS2Z3f61aWWL4Qzxx5q83JPDyhIvp817Sk5gUAmpCMSP2fBZM0aKvxhT3KW1OcxLWvFdWqkkRROJ5qTKVdVIEcyt_DnVnkMRMxIa75R675p64npndW0xBKJpo/s1600/Video-Clip.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v429"
    Expires: Fri, 10 Jan 2025 00:01:24 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Video-Clip.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Server: fife
    Content-Length: 63808
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v452"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Jancok-Beat.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 190106
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIx0qBolID0xTg6qLrAJnQ41ZEBIW62kc-CI5Hs6cGB_QWGgcgDnA3EO4hqjmBYDrOuOLosPr9HaqbasFhad8AzlMMpuRBW83J_1VWVwx-svcbjMMHEAIMlSNq0DXK4yOWRPRHfcu_1iR7/s0/delicious.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgIx0qBolID0xTg6qLrAJnQ41ZEBIW62kc-CI5Hs6cGB_QWGgcgDnA3EO4hqjmBYDrOuOLosPr9HaqbasFhad8AzlMMpuRBW83J_1VWVwx-svcbjMMHEAIMlSNq0DXK4yOWRPRHfcu_1iR7/s0/delicious.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1530"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="delicious.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 1707
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxwgq9TvkIgjFeggWAUYIp1UZZY_BB_s0D4yiKZHK8wRQqiYH7usL9WqrpYpUI9puyLZjSBs3sglBniC9NlLtgdDepBDnsVNIE3ETHPqgXEQWBKoJ72s5xr72VNafCBJghoMAZlRZx-zY/w72-h72-p-k-no-nu/555365_443342835734734_252522684_n+(2).jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhxwgq9TvkIgjFeggWAUYIp1UZZY_BB_s0D4yiKZHK8wRQqiYH7usL9WqrpYpUI9puyLZjSBs3sglBniC9NlLtgdDepBDnsVNIE3ETHPqgXEQWBKoJ72s5xr72VNafCBJghoMAZlRZx-zY/w72-h72-p-k-no-nu/555365_443342835734734_252522684_n+(2).jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5fc"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="555365_443342835734734_252522684_n (2).jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 2240
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwWYgX8knmEUO_v1K9ye3tQa0S7VzbU9KFqgexKbmwcQh0LIA9NtJ2koTakQ9X_0rDyFKkiAlt0yeMaBk4XB-2B-9_kiWogkwyunAfIdKVeKgJg9OWjFmTXDj8nrNvG-DJ2HCgtsNsHYk/s72-c/I%2527m+.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhwWYgX8knmEUO_v1K9ye3tQa0S7VzbU9KFqgexKbmwcQh0LIA9NtJ2koTakQ9X_0rDyFKkiAlt0yeMaBk4XB-2B-9_kiWogkwyunAfIdKVeKgJg9OWjFmTXDj8nrNvG-DJ2HCgtsNsHYk/s72-c/I%2527m+.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v763"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="I'm .jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 4853
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXWr1G9-7oQJcXzlivQ1V4wFZyU-460TOF_YkbykwYYc1pKXKPGuegjHk4R6KGQB6hnhPMgcfvVP3Lmzqdmc4ulnIGn9taDWLVgaiPSsZexA8x_hwvp1AUmm6yqXZLMhvsOtEW1ekWPuA/s72-c/get+money.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjXWr1G9-7oQJcXzlivQ1V4wFZyU-460TOF_YkbykwYYc1pKXKPGuegjHk4R6KGQB6hnhPMgcfvVP3Lmzqdmc4ulnIGn9taDWLVgaiPSsZexA8x_hwvp1AUmm6yqXZLMhvsOtEW1ekWPuA/s72-c/get+money.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5a2"
    Expires: Fri, 10 Jan 2025 00:01:28 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="get money.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Server: fife
    Content-Length: 4882
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmqHR4Le-b2rzz4gPavvH8pE-Eb3ht8Hm6Xer8AT_PEDo_Upl1iZ10gUacQHM3stNYEREZfaU4JdAwizmgxe1iF7flawpa-5VUhSw6e5A_AFKcZcBfdWe_9liqOluI9cTJp8VosGW-YSkU/s0/bullet.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhmqHR4Le-b2rzz4gPavvH8pE-Eb3ht8Hm6Xer8AT_PEDo_Upl1iZ10gUacQHM3stNYEREZfaU4JdAwizmgxe1iF7flawpa-5VUhSw6e5A_AFKcZcBfdWe_9liqOluI9cTJp8VosGW-YSkU/s0/bullet.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="bullet.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 253
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-be
    GET
    https://coepoe.googlecode.com/files/label.js
    IEXPLORE.EXE
    Remote address:
    64.233.184.82:443
    Request
    GET /files/label.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: coepoe.googlecode.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Content-Type: text/html; charset=UTF-8
    Referrer-Policy: no-referrer
    Content-Length: 1575
    Date: Thu, 09 Jan 2025 00:01:24 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOnu2j_7HspR0ZGP4lhh8lGIauV7PHDXh8QujyoN5fJSMVhgIisGAoYhPfJvztFxl9lSq2SWveC3igxkpD0OPRE5fStSUCwvF8fZViocwCMGSrY_-3DxVk0zFLGpcj-pgDzMXAY20VkmO2/s0/search-bg.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgOnu2j_7HspR0ZGP4lhh8lGIauV7PHDXh8QujyoN5fJSMVhgIisGAoYhPfJvztFxl9lSq2SWveC3igxkpD0OPRE5fStSUCwvF8fZViocwCMGSrY_-3DxVk0zFLGpcj-pgDzMXAY20VkmO2/s0/search-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="search-bg.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 226
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjVdu0levN66oGy_1mpbTUN3LJRZkiAgAcd9K_Og6a4bemD_87vTZppKlh_2QFMv62u7BEa9xt6_saZ4jUYCN8VIxS0_FiM_HksPcX0e29KdxsAgQr_7I7Mqux83dOdrgXos3fgFxNnT9d/s90/270528_240480355979243_1789834_n.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhjVdu0levN66oGy_1mpbTUN3LJRZkiAgAcd9K_Og6a4bemD_87vTZppKlh_2QFMv62u7BEa9xt6_saZ4jUYCN8VIxS0_FiM_HksPcX0e29KdxsAgQr_7I7Mqux83dOdrgXos3fgFxNnT9d/s90/270528_240480355979243_1789834_n.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v66"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="270528_240480355979243_1789834_n.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 3639
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLL2ZQsN4g_1RFpzbBl5Uo-_xgk-Dw4h4mCUFkB8ef-cFBUJKBPX2c0IlOB9_rB0MPyBPh6rvP98HRo-iPyL8pf1iu9zo57G7gNJxF8pe5sewBZVGSCG4CdToxjmD9GV5HYBlnDV9VNbs/w72-h72-p-k-no-nu/hi-v+05.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjLL2ZQsN4g_1RFpzbBl5Uo-_xgk-Dw4h4mCUFkB8ef-cFBUJKBPX2c0IlOB9_rB0MPyBPh6rvP98HRo-iPyL8pf1iu9zo57G7gNJxF8pe5sewBZVGSCG4CdToxjmD9GV5HYBlnDV9VNbs/w72-h72-p-k-no-nu/hi-v+05.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1b7"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="hi-v 05.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 4785
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQJ6JF_4t8MRHUY8Xn3gmv1ml3nwG8DFg_Erp5W-yqNUZu9zjvgWPXgKlq6yS3D-nXkeqz21jpofN5tI5Zugk6rwMyNFKS6Nk7fmXGwZst8wpX6hDvkYOXqJyn7Y_-gWu9FU3-SzmVP2Y/s72-c/463132_340191512713562_1110129633_o.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhQJ6JF_4t8MRHUY8Xn3gmv1ml3nwG8DFg_Erp5W-yqNUZu9zjvgWPXgKlq6yS3D-nXkeqz21jpofN5tI5Zugk6rwMyNFKS6Nk7fmXGwZst8wpX6hDvkYOXqJyn7Y_-gWu9FU3-SzmVP2Y/s72-c/463132_340191512713562_1110129633_o.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v54a"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="463132_340191512713562_1110129633_o.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 3961
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrbTMP0Pqwb3TKXca9DbDA7t5Eeb35lmmXA5wxAa_TXFxA_vDi_J0QStwiTV4ODwpEqjcLmvxdcDO1PwZzyBjYgIjLW6OloEY8vJLaJRvQELnCfXIAWgiC6Y8gNtaFlhrm7FJxJyX0794/s72-c/poster.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjrbTMP0Pqwb3TKXca9DbDA7t5Eeb35lmmXA5wxAa_TXFxA_vDi_J0QStwiTV4ODwpEqjcLmvxdcDO1PwZzyBjYgIjLW6OloEY8vJLaJRvQELnCfXIAWgiC6Y8gNtaFlhrm7FJxJyX0794/s72-c/poster.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v5d7"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="poster.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 4344
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMesOAFuugNog2pmXyYtpVH_2YTTVrvlm-ktxXyxAXxumW0ifQ_pduNy566nv_5nOQTADcAQp4pEnOZXoDhpYfHKVPHmOPRvAKxaA7q-_D6ufOadygYEE1s6KUAeoJE4tYJHAQdq3t6zAC/s0/footer-bg.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjMesOAFuugNog2pmXyYtpVH_2YTTVrvlm-ktxXyxAXxumW0ifQ_pduNy566nv_5nOQTADcAQp4pEnOZXoDhpYfHKVPHmOPRvAKxaA7q-_D6ufOadygYEE1s6KUAeoJE4tYJHAQdq3t6zAC/s0/footer-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="footer-bg.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 251
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSMseZw_CENJryW6o-zRl4XzZitJW16-J9wdbGlICZqhkAZZ0PERWXCSkTHa16yMAGQR9IDY_UA47dj3hTIUBdyZ58OJiOR66h2IONV6N_Wd6FGbwak-OCO5Ot7F9b8jmy5GSyYUQMp5rW/s0/loading-bar-black.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhSMseZw_CENJryW6o-zRl4XzZitJW16-J9wdbGlICZqhkAZZ0PERWXCSkTHa16yMAGQR9IDY_UA47dj3hTIUBdyZ58OJiOR66h2IONV6N_Wd6FGbwak-OCO5Ot7F9b8jmy5GSyYUQMp5rW/s0/loading-bar-black.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:30 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="loading-bar-black.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:30 GMT
    Server: fife
    Content-Length: 1628
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLg8yqHY3bdWJXoDMNhrMCDiGU3BfbT6Ri4qQ4UQqEMObrjU3604r4XY7V1EIBN3vbmRtrd71edt7xpskudpthEx-9vJWM-kxtck6iDWXyGemS6scRK6FWqOxM0lBrlHu9kRMYLs8ZzZ1S/s0/container-bg.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgLg8yqHY3bdWJXoDMNhrMCDiGU3BfbT6Ri4qQ4UQqEMObrjU3604r4XY7V1EIBN3vbmRtrd71edt7xpskudpthEx-9vJWM-kxtck6iDWXyGemS6scRK6FWqOxM0lBrlHu9kRMYLs8ZzZ1S/s0/container-bg.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:25 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="container-bg.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:25 GMT
    Server: fife
    Content-Length: 1356
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAmcgmr9s77Y_Jrjy4LOZ7t2J01SAhel0VI3oxhe7Opokb91O-sQW9uqmEbGzze12WBnWyTzZqQjlQji2GJCjcQz4-Z8CLW6oXxEAjKXuKaiHqYrHU2uumd2avToVQWXsZCwe-kYphrZsO/h90/Untitled-1.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEgAmcgmr9s77Y_Jrjy4LOZ7t2J01SAhel0VI3oxhe7Opokb91O-sQW9uqmEbGzze12WBnWyTzZqQjlQji2GJCjcQz4-Z8CLW6oXxEAjKXuKaiHqYrHU2uumd2avToVQWXsZCwe-kYphrZsO/h90/Untitled-1.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v2b2"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Untitled-1.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 17020
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEFdMTq4UTpX_apbjWLqroBIA4zafvwdrmX2-BEMU-ZkJ_BAcFAAYyKrhnRjQXSsnwxJLdJcUgx_Fb6yz0G4cYwENYMmuwYBKXsY4L63f6ji2eKIh0ili0EwxDJ2V5g8BAgHKeUKThgak/w72-h72-p-k-no-nu/44+beat+scale.JPG
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjEFdMTq4UTpX_apbjWLqroBIA4zafvwdrmX2-BEMU-ZkJ_BAcFAAYyKrhnRjQXSsnwxJLdJcUgx_Fb6yz0G4cYwENYMmuwYBKXsY4L63f6ji2eKIh0ili0EwxDJ2V5g8BAgHKeUKThgak/w72-h72-p-k-no-nu/44+beat+scale.JPG HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v311"
    Expires: Fri, 10 Jan 2025 00:01:26 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="44 beat scale.JPG"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:26 GMT
    Server: fife
    Content-Length: 2215
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgYtl7hi3hpNLMC_eFMeYtOOo-ET8T8DHtZZHhdzyO3DoRefL-2SgrNFtRSLCvQkAr8Go76nvSKpyI1SPumW_2jlFfwI8W3Khjpo_JOgphFZm6aq6cXzJrcnQrdKqIYH03SvLVyO8xhSZm/s0/post-line.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEhgYtl7hi3hpNLMC_eFMeYtOOo-ET8T8DHtZZHhdzyO3DoRefL-2SgrNFtRSLCvQkAr8Go76nvSKpyI1SPumW_2jlFfwI8W3Khjpo_JOgphFZm6aq6cXzJrcnQrdKqIYH03SvLVyO8xhSZm/s0/post-line.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:27 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="post-line.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Server: fife
    Content-Length: 195
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipwptZVgm_2r5qXWOBfNZNqpWnEYADZgy6UWHGY4bjsd1g8bLVFwEUjraLEfaIHBmLR34qPIdbtDLHisZWDbNE3qyIIG7IpeWVS9y1u2r9XvYaiqZNNzoheHVKq3GIRDNQJEukJmkyrko/s72-c/th_Parental-Advisory---Explicit-Lyrics.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEipwptZVgm_2r5qXWOBfNZNqpWnEYADZgy6UWHGY4bjsd1g8bLVFwEUjraLEfaIHBmLR34qPIdbtDLHisZWDbNE3qyIIG7IpeWVS9y1u2r9XvYaiqZNNzoheHVKq3GIRDNQJEukJmkyrko/s72-c/th_Parental-Advisory---Explicit-Lyrics.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/jpeg
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v22a"
    Expires: Fri, 10 Jan 2025 00:01:28 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="th_Parental-Advisory---Explicit-Lyrics.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Server: fife
    Content-Length: 3348
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3tue7iqju-fKZ5Y1rOsoWA2MPQaJN_G3-cu9fAOmoIgsr5ZhfZLr7JCr48uHhKBWQvJb8t08mrVI4D4nGdBdGq_pZw0vJkX60WF3Jpgb-ETCKEhWJn5pUDxdHdYy4FPGIj2YAGVsUGGp4/s0/sidebar-tab.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEj3tue7iqju-fKZ5Y1rOsoWA2MPQaJN_G3-cu9fAOmoIgsr5ZhfZLr7JCr48uHhKBWQvJb8t08mrVI4D4nGdBdGq_pZw0vJkX60WF3Jpgb-ETCKEhWJn5pUDxdHdYy4FPGIj2YAGVsUGGp4/s0/sidebar-tab.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:29 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="sidebar-tab.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Server: fife
    Content-Length: 358
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEir_BQsdlW5HCpTsJHIXNRAs_Fq-gkrr_-8wnTB8aXoe7roXjoD-02ZATBnpy7Xbx44VDaEcdfO_v24JjdIwvmMCSzZaorIcUmCEccsmH4QwUyme8OaZcJb1W1uBvaW2hzTAu7mU09B9w1_/s0/fleche1.png
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEir_BQsdlW5HCpTsJHIXNRAs_Fq-gkrr_-8wnTB8aXoe7roXjoD-02ZATBnpy7Xbx44VDaEcdfO_v24JjdIwvmMCSzZaorIcUmCEccsmH4QwUyme8OaZcJb1W1uBvaW2hzTAu7mU09B9w1_/s0/fleche1.png HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: image/png
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v1532"
    Expires: Fri, 10 Jan 2025 00:01:30 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="fleche1.png"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:30 GMT
    Server: fife
    Content-Length: 2684
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghp3-foulrQhogzhGSIohS2Z3f61aWWL4Qzxx5q83JPDyhIvp817Sk5gUAmpCMSP2fBZM0aKvxhT3KW1OcxLWvFdWqkkRROJ5qTKVdVIEcyt_DnVnkMRMxIa75R675p64npndW0xBKJpo/s1600/Video-Clip.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEghp3-foulrQhogzhGSIohS2Z3f61aWWL4Qzxx5q83JPDyhIvp817Sk5gUAmpCMSP2fBZM0aKvxhT3KW1OcxLWvFdWqkkRROJ5qTKVdVIEcyt_DnVnkMRMxIa75R675p64npndW0xBKJpo/s1600/Video-Clip.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    If-None-Match: "v429"
    Connection: Keep-Alive
    Response
    HTTP/1.1 304 Not Modified
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v429"
    Expires: Fri, 10 Jan 2025 00:01:39 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Video-Clip.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:39 GMT
    Server: fife
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwQRXlN7vL6DcBhLtpAXUT6mgAxABsrGuxftPvQDLUOnXhaYJQz6A_8Pm62X3aYKkEfBe8vJYASSQRIpE-0V0QxhFMgW9BF7kQ0fClEhp4DqzWtxlODg2BJ9RO7FiZGZjT8F1v2eTeRQk/s640/Mix-Culture.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEjwQRXlN7vL6DcBhLtpAXUT6mgAxABsrGuxftPvQDLUOnXhaYJQz6A_8Pm62X3aYKkEfBe8vJYASSQRIpE-0V0QxhFMgW9BF7kQ0fClEhp4DqzWtxlODg2BJ9RO7FiZGZjT8F1v2eTeRQk/s640/Mix-Culture.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    If-None-Match: "v431"
    Connection: Keep-Alive
    Response
    HTTP/1.1 304 Not Modified
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v431"
    Expires: Fri, 10 Jan 2025 00:01:45 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Mix-Culture.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:45 GMT
    Server: fife
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiesjVwaV1NxoYBTLwe62s6seaYf43Y_stFACD4mKUt-idP84Sa5vwQnXO1_k2SWdQaOYItRtfM9pHkAzBqwv0tJ-1LbbucJa3RoGrIriTrD1_wJ8u2nHT-ZVkQOLM8bo6Q49ME78uQVck/s640/Desain.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEiesjVwaV1NxoYBTLwe62s6seaYf43Y_stFACD4mKUt-idP84Sa5vwQnXO1_k2SWdQaOYItRtfM9pHkAzBqwv0tJ-1LbbucJa3RoGrIriTrD1_wJ8u2nHT-ZVkQOLM8bo6Q49ME78uQVck/s640/Desain.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    If-None-Match: "v439"
    Connection: Keep-Alive
    Response
    HTTP/1.1 304 Not Modified
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v439"
    Expires: Fri, 10 Jan 2025 00:01:51 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Desain.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:51 GMT
    Server: fife
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.33:443
    Request
    GET /img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: blogger.googleusercontent.com
    If-None-Match: "v452"
    Connection: Keep-Alive
    Response
    HTTP/1.1 304 Not Modified
    Vary: Origin
    Access-Control-Expose-Headers: Content-Length
    ETag: "v452"
    Expires: Fri, 10 Jan 2025 00:01:57 GMT
    Cache-Control: public, max-age=86400, no-transform
    Content-Disposition: inline;filename="Jancok-Beat.jpg"
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:57 GMT
    Server: fife
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    platform.twitter.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    platform.twitter.com
    IN A
    Response
    platform.twitter.com
    IN CNAME
    platform.twitter.map.fastly.net
    platform.twitter.map.fastly.net
    IN A
    151.101.188.157
  • flag-us
    DNS
    www.youtube.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    www.youtube.com
    IN A
    Response
    www.youtube.com
    IN CNAME
    youtube-ui.l.google.com
    youtube-ui.l.google.com
    IN A
    142.250.187.206
    youtube-ui.l.google.com
    IN A
    216.58.213.14
    youtube-ui.l.google.com
    IN A
    172.217.169.78
    youtube-ui.l.google.com
    IN A
    142.250.200.46
    youtube-ui.l.google.com
    IN A
    216.58.201.110
    youtube-ui.l.google.com
    IN A
    172.217.16.238
    youtube-ui.l.google.com
    IN A
    142.250.187.238
    youtube-ui.l.google.com
    IN A
    142.250.200.14
    youtube-ui.l.google.com
    IN A
    142.250.178.14
    youtube-ui.l.google.com
    IN A
    172.217.169.46
    youtube-ui.l.google.com
    IN A
    142.250.179.238
    youtube-ui.l.google.com
    IN A
    142.250.180.14
    youtube-ui.l.google.com
    IN A
    216.58.204.78
  • flag-gb
    GET
    https://www.youtube.com/s/player/a5032d18/www-player.css
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    GET /s/player/a5032d18/www-player.css HTTP/1.1
    Accept: text/css, */*
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 62099
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 07 Jan 2025 08:51:41 GMT
    Expires: Wed, 07 Jan 2026 08:51:41 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 07 Jan 2025 06:36:07 GMT
    Content-Type: text/css
    Vary: Accept-Encoding, Origin
    Age: 140986
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/s/player/a5032d18/player_ias.vflset/en_US/base.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    GET /s/player/a5032d18/player_ias.vflset/en_US/base.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 816051
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 07 Jan 2025 08:51:52 GMT
    Expires: Wed, 07 Jan 2026 08:51:52 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 07 Jan 2025 06:36:07 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 140975
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://www.youtube.com/api/stats/qoe?cpn=CtDoN3_lpIdXT9H7&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C36343%2C9954%2C34656%2C46919%2C12193%2C19100%2C26505%2C1313%2C18053%2C591%2C7505%2C5541%2C1823%2C3186%2C7706%2C6942%2C408%2C20473%2C8%2C10631%2C9243%2C1581%2C1690%2C14%2C3943%2C2%2C120%2C366%2C1684%2C4903%2C3025%2C2980%2C5922%2C3612%2C651%2C681%2C6266%2C2049%2C705%2C553%2C842%2C2634%2C2706%2C2261%2C7764%2C2286%2C1756%2C4292%2C916%2C31%2C3313%2C436%2C6258%2C17%2C1740%2C1892%2C3420&cl=712772113&seq=1&event=streamingstats&docid=o6T1zCHUdcI&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20250106.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.004:ER&cmt=0.004:0.000,0.004:0.000&vis=0.004:0&bh=0.004:0.000&qclc=ChBDdERvTjNfbHBJZFhUOUg3EAE
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    POST /api/stats/qoe?cpn=CtDoN3_lpIdXT9H7&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C36343%2C9954%2C34656%2C46919%2C12193%2C19100%2C26505%2C1313%2C18053%2C591%2C7505%2C5541%2C1823%2C3186%2C7706%2C6942%2C408%2C20473%2C8%2C10631%2C9243%2C1581%2C1690%2C14%2C3943%2C2%2C120%2C366%2C1684%2C4903%2C3025%2C2980%2C5922%2C3612%2C651%2C681%2C6266%2C2049%2C705%2C553%2C842%2C2634%2C2706%2C2261%2C7764%2C2286%2C1756%2C4292%2C916%2C31%2C3313%2C436%2C6258%2C17%2C1740%2C1892%2C3420&cl=712772113&seq=1&event=streamingstats&docid=o6T1zCHUdcI&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20250106.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.004:ER&cmt=0.004:0.000,0.004:0.000&vis=0.004:0&bh=0.004:0.000&qclc=ChBDdERvTjNfbHBJZFhUOUg3EAE HTTP/1.1
    Accept: */*
    X-Goog-Visitor-Id: CgtfQ2NQNVRWUjl4ayjXo_y7BjIKCgJHQhIEGgAgOw%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20250106.01.01
    X-YouTube-Device: cbr=IE&cbrver=11.0&ceng=Trident&cengver=7.0&cos=Windows&cosver=6.1&cplatform=DESKTOP
    X-YouTube-Page-CL: 712584394
    X-YouTube-Page-Label: youtube.player.web_20250106_01_RC01
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1736380884596&flash=0&frm=2&u_tz&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=157%2C3176%2C0%2C62%2C1280%2C%2C1280%2C626%2C640%2C360&vis=1&wgl=true&ca_type=image
    Content-Type: application/x-www-form-urlencoded
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 402
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 204 No Content
    Content-Type: text/html; charset=UTF-8
    Date: Thu, 09 Jan 2025 00:01:33 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, must-revalidate
    X-Content-Type-Options: nosniff
    Server: Video Stats Server
    Content-Length: 0
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    POST
    https://www.youtube.com/youtubei/v1/log_event?alt=json
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    POST /youtubei/v1/log_event?alt=json HTTP/1.1
    Accept: */*
    X-Goog-Request-Time: 1736380890835
    Content-Type: application/json
    X-Goog-Visitor-Id: CgtfQ2NQNVRWUjl4ayjXo_y7BjIKCgJHQhIEGgAgOw%3D%3D
    X-YouTube-Client-Name: 56
    X-YouTube-Client-Version: 1.20250106.01.01
    X-YouTube-Device: cbr=IE&cbrver=11.0&ceng=Trident&cengver=7.0&cos=Windows&cosver=6.1&cplatform=DESKTOP
    X-YouTube-Page-CL: 712584394
    X-YouTube-Page-Label: youtube.player.web_20250106_01_RC01
    X-YouTube-Utc-Offset: 0
    X-YouTube-Ad-Signals: dt=1736380883460&flash=0&frm=2&u_tz&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&bc=1&bih=-12245933&biw=-12245933&brdim=157%2C3168%2C-8%2C-8%2C1280%2C%2C1296%2C696%2C640%2C360&vis=1&wgl=true&ca_type=image
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: www.youtube.com
    Content-Length: 10629
    Connection: Keep-Alive
    Cache-Control: no-cache
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 09 Jan 2025 00:01:35 GMT
    Server: scaffolding on HTTPServer2
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/embed/o6T1zCHUdcI
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    GET /embed/o6T1zCHUdcI HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Content-Type: text/html; charset=utf-8
    X-Content-Type-Options: nosniff
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Thu, 09 Jan 2025 00:01:27 GMT
    Strict-Transport-Security: max-age=31536000
    Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
    Origin-Trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
    Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube_main"
    Content-Security-Policy: require-trusted-types-for 'script'
    Cross-Origin-Resource-Policy: cross-origin
    P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
    Content-Encoding: gzip
    Server: ESF
    X-XSS-Protection: 0
    Set-Cookie: YSC=tXKJ9QHUeEs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; Domain=youtube.com; Expires=Tue, 08-Jul-2025 00:01:27 GMT; Path=/; Secure; HttpOnly; SameSite=none; Partitioned
    Set-Cookie: VISITOR_INFO1_LIVE=_CcP5TVR9xk; Domain=.youtube.com; Expires=Tue, 08-Jul-2025 00:01:27 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D; Domain=.youtube.com; Expires=Tue, 08-Jul-2025 00:01:27 GMT; Path=/; Secure; HttpOnly; SameSite=none
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://www.youtube.com/s/player/a5032d18/www-embed-player.vflset/www-embed-player.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    GET /s/player/a5032d18/www-embed-player.vflset/www-embed-player.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 118953
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 07 Jan 2025 08:51:41 GMT
    Expires: Wed, 07 Jan 2026 08:51:41 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 07 Jan 2025 06:36:07 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 140986
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://www.youtube.com/s/player/a5032d18/player_ias.vflset/en_US/embed.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.206:443
    Request
    GET /s/player/a5032d18/player_ias.vflset/en_US/embed.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: www.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Content-Length: 10927
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Tue, 07 Jan 2025 09:10:28 GMT
    Expires: Wed, 07 Jan 2026 09:10:28 GMT
    Cache-Control: public, max-age=31536000
    Last-Modified: Tue, 07 Jan 2025 06:36:07 GMT
    Content-Type: text/javascript
    Vary: Accept-Encoding, Origin
    Age: 139864
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    img.youtube.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img.youtube.com
    IN A
    Response
    img.youtube.com
    IN CNAME
    ytimg.l.google.com
    ytimg.l.google.com
    IN A
    142.250.200.14
    ytimg.l.google.com
    IN A
    216.58.212.238
    ytimg.l.google.com
    IN A
    216.58.213.14
    ytimg.l.google.com
    IN A
    142.250.180.14
    ytimg.l.google.com
    IN A
    216.58.204.78
    ytimg.l.google.com
    IN A
    142.250.200.46
    ytimg.l.google.com
    IN A
    142.250.187.238
    ytimg.l.google.com
    IN A
    142.250.179.238
    ytimg.l.google.com
    IN A
    142.250.178.14
    ytimg.l.google.com
    IN A
    142.250.187.206
    ytimg.l.google.com
    IN A
    172.217.169.46
    ytimg.l.google.com
    IN A
    216.58.212.206
    ytimg.l.google.com
    IN A
    172.217.16.238
    ytimg.l.google.com
    IN A
    216.58.201.110
  • flag-gb
    GET
    https://img.youtube.com/vi/XxVJ6-WayXs/default.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /vi/XxVJ6-WayXs/default.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Type: image/jpeg
    Vary: Origin
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 4555
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Expires: Thu, 09 Jan 2025 02:01:28 GMT
    Cache-Control: public, max-age=7200
    ETag: "0"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://img.youtube.com/vi/LaF4yg8m3-k/default.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /vi/LaF4yg8m3-k/default.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 404 Not Found
    Vary: Origin
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: image/jpeg
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Expires: Thu, 09 Jan 2025 00:01:58 GMT
    Cache-Control: public, max-age=30
    X-Content-Type-Options: nosniff
    Server: sffe
    Content-Length: 1097
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://img.youtube.com/vi/qA28tEgsCV4/default.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /vi/qA28tEgsCV4/default.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Type: image/jpeg
    Vary: Origin
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
    Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
    Timing-Allow-Origin: *
    Content-Length: 3386
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Expires: Thu, 09 Jan 2025 02:01:28 GMT
    Cache-Control: public, max-age=7200
    ETag: "1354845317"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://img.youtube.com/vi/FnMY8QqxOws/default.jpg
    IEXPLORE.EXE
    Remote address:
    142.250.200.14:443
    Request
    GET /vi/FnMY8QqxOws/default.jpg HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: img.youtube.com
    Connection: Keep-Alive
    Cookie: YSC=tXKJ9QHUeEs; __Secure-ROLLOUT_TOKEN=CL-ftoHri-7UvgEQ0O_176rnigMY0O_176rnigM%3D; VISITOR_INFO1_LIVE=_CcP5TVR9xk; VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgOw%3D%3D
    Response
    HTTP/1.1 404 Not Found
    Vary: Origin
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: image/jpeg
    Date: Thu, 09 Jan 2025 00:01:28 GMT
    Expires: Thu, 09 Jan 2025 00:01:58 GMT
    Cache-Control: public, max-age=30
    X-Content-Type-Options: nosniff
    Server: sffe
    Content-Length: 1097
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    googleads.g.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    googleads.g.doubleclick.net
    IN A
    Response
    googleads.g.doubleclick.net
    IN A
    216.58.201.98
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id
    IEXPLORE.EXE
    Remote address:
    216.58.201.98:443
    Request
    GET /pagead/id HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    Access-Control-Allow-Credentials: true
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    IEXPLORE.EXE
    Remote address:
    216.58.201.98:443
    Request
    GET /pagead/id?slf_rd=1 HTTP/1.1
    Accept: */*
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: googleads.g.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Credentials: true
    Content-Type: application/json; charset=UTF-8
    Date: Thu, 09 Jan 2025 00:01:29 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    static.doubleclick.net
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    static.doubleclick.net
    IN A
    Response
    static.doubleclick.net
    IN A
    142.250.187.230
  • flag-gb
    GET
    https://static.doubleclick.net/instream/ad_status.js
    IEXPLORE.EXE
    Remote address:
    142.250.187.230:443
    Request
    GET /instream/ad_status.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: static.doubleclick.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-doubleclick-media"
    Report-To: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
    Timing-Allow-Origin: *
    Content-Length: 29
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:47:08 GMT
    Expires: Thu, 09 Jan 2025 00:02:08 GMT
    Cache-Control: public, max-age=900
    Age: 862
    Last-Modified: Thu, 12 Dec 2013 23:40:16 GMT
    Content-Type: text/javascript
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    jnn-pa.googleapis.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    jnn-pa.googleapis.com
    IN A
    Response
    jnn-pa.googleapis.com
    IN A
    172.217.169.74
    jnn-pa.googleapis.com
    IN A
    142.250.200.10
    jnn-pa.googleapis.com
    IN A
    172.217.169.10
    jnn-pa.googleapis.com
    IN A
    142.250.180.10
    jnn-pa.googleapis.com
    IN A
    142.250.178.10
    jnn-pa.googleapis.com
    IN A
    216.58.213.10
    jnn-pa.googleapis.com
    IN A
    142.250.179.234
    jnn-pa.googleapis.com
    IN A
    172.217.169.42
    jnn-pa.googleapis.com
    IN A
    216.58.212.202
    jnn-pa.googleapis.com
    IN A
    172.217.16.234
    jnn-pa.googleapis.com
    IN A
    142.250.187.234
    jnn-pa.googleapis.com
    IN A
    142.250.187.202
    jnn-pa.googleapis.com
    IN A
    216.58.212.234
    jnn-pa.googleapis.com
    IN A
    142.250.200.42
    jnn-pa.googleapis.com
    IN A
    216.58.204.74
    jnn-pa.googleapis.com
    IN A
    216.58.201.106
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
    IEXPLORE.EXE
    Remote address:
    172.217.169.74:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 24
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 09 Jan 2025 00:01:33 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    IEXPLORE.EXE
    Remote address:
    172.217.169.74:443
    Request
    POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
    Accept: */*
    X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
    Content-Type: application/json+protobuf
    X-User-Agent: grpc-web-javascript/0.1
    Referer: https://www.youtube.com/embed/o6T1zCHUdcI
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: jnn-pa.googleapis.com
    Content-Length: 1110
    Connection: Keep-Alive
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Content-Type: application/json+protobuf; charset=UTF-8
    Vary: Origin
    Vary: X-Origin
    Vary: Referer
    Content-Encoding: gzip
    Date: Thu, 09 Jan 2025 00:01:33 GMT
    Server: ESF
    Cache-Control: private
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    X-Content-Type-Options: nosniff
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    ep1.adtrafficquality.google
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ep1.adtrafficquality.google
    IN A
    Response
    ep1.adtrafficquality.google
    IN A
    172.217.16.226
  • flag-gb
    GET
    https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250107&st=env
    IEXPLORE.EXE
    Remote address:
    172.217.16.226:443
    Request
    GET /getconfig/sodar?sv=200&tid=gda&tv=r20250107&st=env HTTP/1.1
    Accept: */*
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: ep1.adtrafficquality.google
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Access-Control-Allow-Origin: *
    Content-Type: application/json; charset=UTF-8
    X-Content-Type-Options: nosniff
    Content-Disposition: attachment; filename="f.txt"
    Content-Encoding: gzip
    Date: Thu, 09 Jan 2025 00:01:34 GMT
    Server: cafe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250107&jk=3776034525245807&bg=!LyylLGPNAAYEOS4OJDk7ADQBe5WfODr-xLaXcffcgGFB5vcMXdMMGsgswsD2vRhVWxDbnKAuGfkFF8E4OBFGosxWJZwgAgAAAaNSAAAAG2gBB34AOkn0VhnygV-6YWy0kvomgshFgRpf1G11GALutx4E3zxhq4V_FNdw0IInL01eLFkejwPko8liNzhW35KZAg_bEkNBv9qgZCHC8KhozLrRevBZbu0VPY659WgUWvjqpCns6ezOZHiIaRS8OLDpHTGYwOakbbFWFWKqobYC5OIbwQvFnxQOOgNuB4m-JP2P8wZPDFzjfc458kwS8CFP2jgVLjHNXKvy2d7aI3VCtbvurC2x7dgbPryhsGK2QjncBpLUhXHl3c-SxWbeZdtDyjdkKJfPW4otHzbKArDqROBo3CHlc4SeSuLypChIjTVx_Zn4PHfhs01rvxlJ3aKSHIZugwg0shbhbAtRdKWFdK-KjzrfDdtL3hUYZ57vg_zCPyhQOEWYyp3rJKSPVnMAAlbqu901CS043XDCuo96xJVX5ASBjNJa0EKRW4Jel7ZHLeWoFvaEEAJf2Tar25HDZkBGnfnnDAiU21a9gn6Da6jTtScKFpeQP-ACmwwav3-LzUhnhCMJrISzxCzsZKdODpyBo3dfmJTvfdWl_SYB_NpJNG8kTQC-ZLyYJvQMK0e9_h_AbCC9CONRaL8W7nkBIwJbi3kwhHxmoC-cBT4UxJbeszN3fx69gJUMMDxpfecXHYcytThPcghOqOq5OEcCm2LxzvkQuy9jVmIPMdb8BGLszgUb-lyXP-0nO_cLJtd4C75vCWAtsqCMh4fbK7tRtuKE49ipdxs7mUd-aifu_FAS4hSqT8RM4cD_S9tM8RMKbh_-aAiehwrqI6pXQ9Ygug
    IEXPLORE.EXE
    Remote address:
    172.217.16.226:443
    Request
    GET /pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250107&jk=3776034525245807&bg=!LyylLGPNAAYEOS4OJDk7ADQBe5WfODr-xLaXcffcgGFB5vcMXdMMGsgswsD2vRhVWxDbnKAuGfkFF8E4OBFGosxWJZwgAgAAAaNSAAAAG2gBB34AOkn0VhnygV-6YWy0kvomgshFgRpf1G11GALutx4E3zxhq4V_FNdw0IInL01eLFkejwPko8liNzhW35KZAg_bEkNBv9qgZCHC8KhozLrRevBZbu0VPY659WgUWvjqpCns6ezOZHiIaRS8OLDpHTGYwOakbbFWFWKqobYC5OIbwQvFnxQOOgNuB4m-JP2P8wZPDFzjfc458kwS8CFP2jgVLjHNXKvy2d7aI3VCtbvurC2x7dgbPryhsGK2QjncBpLUhXHl3c-SxWbeZdtDyjdkKJfPW4otHzbKArDqROBo3CHlc4SeSuLypChIjTVx_Zn4PHfhs01rvxlJ3aKSHIZugwg0shbhbAtRdKWFdK-KjzrfDdtL3hUYZ57vg_zCPyhQOEWYyp3rJKSPVnMAAlbqu901CS043XDCuo96xJVX5ASBjNJa0EKRW4Jel7ZHLeWoFvaEEAJf2Tar25HDZkBGnfnnDAiU21a9gn6Da6jTtScKFpeQP-ACmwwav3-LzUhnhCMJrISzxCzsZKdODpyBo3dfmJTvfdWl_SYB_NpJNG8kTQC-ZLyYJvQMK0e9_h_AbCC9CONRaL8W7nkBIwJbi3kwhHxmoC-cBT4UxJbeszN3fx69gJUMMDxpfecXHYcytThPcghOqOq5OEcCm2LxzvkQuy9jVmIPMdb8BGLszgUb-lyXP-0nO_cLJtd4C75vCWAtsqCMh4fbK7tRtuKE49ipdxs7mUd-aifu_FAS4hSqT8RM4cD_S9tM8RMKbh_-aAiehwrqI6pXQ9Ygug HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ep1.adtrafficquality.google
    Connection: Keep-Alive
    Response
    HTTP/1.1 204 No Content
    P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
    Timing-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Content-Type: text/html; charset=UTF-8
    X-Content-Type-Options: nosniff
    Date: Thu, 09 Jan 2025 00:01:36 GMT
    Server: cafe
    Content-Length: 0
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    ep2.adtrafficquality.google
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ep2.adtrafficquality.google
    IN A
    Response
    ep2.adtrafficquality.google
    IN A
    216.58.201.97
  • flag-gb
    GET
    https://ep2.adtrafficquality.google/sodar/sodar2.js
    IEXPLORE.EXE
    Remote address:
    216.58.201.97:443
    Request
    GET /sodar/sodar2.js HTTP/1.1
    Accept: application/javascript, */*;q=0.8
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ep2.adtrafficquality.google
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Type: text/javascript
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
    Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
    Date: Thu, 09 Jan 2025 00:01:34 GMT
    Expires: Thu, 09 Jan 2025 00:01:34 GMT
    Cache-Control: private, max-age=3000
    ETag: "1727224258380615"
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    GET
    https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
    IEXPLORE.EXE
    Remote address:
    216.58.201.97:443
    Request
    GET /sodar/sodar2/232/runner.html HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: https://damncok.blogspot.com/
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ep2.adtrafficquality.google
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Encoding: gzip
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
    Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
    Content-Length: 5005
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Wed, 08 Jan 2025 23:39:23 GMT
    Expires: Thu, 09 Jan 2025 00:29:23 GMT
    Cache-Control: public, max-age=3000
    Age: 1331
    Last-Modified: Mon, 23 Sep 2024 18:12:21 GMT
    Content-Type: text/html
    Vary: Accept-Encoding
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-gb
    GET
    https://ep2.adtrafficquality.google/generate_204?fsQ4qw
    IEXPLORE.EXE
    Remote address:
    216.58.201.97:443
    Request
    GET /generate_204?fsQ4qw HTTP/1.1
    Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
    Referer: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: ep2.adtrafficquality.google
    Connection: Keep-Alive
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Thu, 09 Jan 2025 00:01:35 GMT
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    fe0.google.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fe0.google.com
    IN A
    Response
  • 142.250.179.233:443
    https://www.blogger.com/img/share_buttons_20_3.png
    tls, http
    IEXPLORE.EXE
    2.6kB
    66.3kB
    35
    54

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/3100690138-widgets.js

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/img/share_buttons_20_3.png

    HTTP Response

    200
  • 172.217.16.234:443
    https://ajax.googleapis.com/ajax/libs/mootools/1.3.1/mootools-yui-compressed.js
    tls, http
    IEXPLORE.EXE
    2.6kB
    68.2kB
    35
    57

    HTTP Request

    GET https://ajax.googleapis.com/ajax/libs/jquery/1.5.0/jquery.min.js

    HTTP Response

    200

    HTTP Request

    GET https://ajax.googleapis.com/ajax/libs/mootools/1.3.1/mootools-yui-compressed.js

    HTTP Response

    200
  • 142.250.179.233:443
    https://www.blogger.com/img/icon18_edit_allbkg.gif
    tls, http
    IEXPLORE.EXE
    1.2kB
    6.3kB
    12
    11

    HTTP Request

    GET https://www.blogger.com/img/icon18_edit_allbkg.gif

    HTTP Response

    200
  • 172.217.16.234:443
    https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
    tls, http
    IEXPLORE.EXE
    1.8kB
    41.0kB
    25
    35

    HTTP Request

    GET https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js

    HTTP Response

    200
  • 216.58.212.206:80
    feeds.feedburner.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 216.58.212.206:80
    http://feeds.feedburner.com/DcmGaleri.2.gif
    http
    IEXPLORE.EXE
    743 B
    7.9kB
    10
    11

    HTTP Request

    GET http://feeds.feedburner.com/DcmGaleri.2.gif

    HTTP Response

    200
  • 172.217.16.225:80
    http://2.bp.blogspot.com/-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg
    http
    IEXPLORE.EXE
    693 B
    3.4kB
    7
    6

    HTTP Request

    GET http://2.bp.blogspot.com/-gSKEawnzOv8/TnhZyo66VnI/AAAAAAAACN4/f2XwzWsaN3o/w72-h72-p-k-no-nu/setting-input-output-nuendo-cubase_.jpg

    HTTP Response

    200
  • 118.139.179.30:80
    http://www.linkwithin.com/pixel.png
    http
    IEXPLORE.EXE
    781 B
    679 B
    11
    4

    HTTP Request

    GET http://www.linkwithin.com/pixel.png

    HTTP Response

    404
  • 172.217.16.225:80
    http://2.bp.blogspot.com/-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg
    http
    IEXPLORE.EXE
    2.2kB
    95.1kB
    40
    71

    HTTP Request

    GET http://2.bp.blogspot.com/-uSaNeuyL8Ho/T5_SRyaFLAI/AAAAAAAAAUM/FMQkWAvK26I/s1600/headerblog-gfaweb.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://2.bp.blogspot.com/-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg
    http
    IEXPLORE.EXE
    659 B
    3.7kB
    7
    6

    HTTP Request

    GET http://2.bp.blogspot.com/-UrCnybwBve4/T4VW9oceXcI/AAAAAAAAAO0/0nrDauxU9po/w72-h72-p-k-no-nu/1.jpg

    HTTP Response

    200
  • 76.223.54.146:80
    http://yourjavascript.com/290582211131/auto-like-10-seconds.js
    http
    IEXPLORE.EXE
    561 B
    388 B
    6
    4

    HTTP Request

    GET http://yourjavascript.com/290582211131/auto-like-10-seconds.js

    HTTP Response

    200
  • 142.250.178.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs
    tls, http
    IEXPLORE.EXE
    13.0kB
    212.2kB
    103
    169

    HTTP Request

    GET https://apis.google.com/js/plusone.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_2?le=scs

    HTTP Response

    200

    HTTP Request

    POST https://apis.google.com/_/jserror?script=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2FJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&error=Object%20doesn't%20support%20this%20action&line=Not%20available

    HTTP Response

    301

    HTTP Request

    GET https://apis.google.com/js/platform.js

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_0?le=scs

    HTTP Response

    200

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=debug_error/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs

    HTTP Response

    200
  • 76.223.54.146:80
    http://yourjavascript.com/31244224371/fb.js
    http
    IEXPLORE.EXE
    542 B
    388 B
    6
    4

    HTTP Request

    GET http://yourjavascript.com/31244224371/fb.js

    HTTP Response

    200
  • 142.250.178.14:443
    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs
    tls, http
    IEXPLORE.EXE
    1.5kB
    20.9kB
    16
    21

    HTTP Request

    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.5oZHy0SiJxw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-Hry6DG-RE4t9kNz_t6hiwmwXOmA/cb=gapi.loaded_1?le=scs

    HTTP Response

    200
  • 76.223.54.146:80
    http://yourjavascript.com/03931371151/gfafb.js
    http
    IEXPLORE.EXE
    545 B
    388 B
    6
    4

    HTTP Request

    GET http://yourjavascript.com/03931371151/gfafb.js

    HTTP Response

    200
  • 118.139.179.30:80
    http://www.linkwithin.com/widget.js
    http
    IEXPLORE.EXE
    764 B
    679 B
    11
    4

    HTTP Request

    GET http://www.linkwithin.com/widget.js

    HTTP Response

    404
  • 142.250.200.33:443
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uUvHq6Y-BZ4LJBAMX0-2eUOa2XY3orVA1EXQvWpYYvXeAXl2rNkcaNqFealpdtlE24Z-RAxRuzjUBqp2QOIULHwjU9rBxu8pF_q1hrFp0lc-UOD62tJKtZdexm7MccgN1pDg=s0-d
    tls, http
    IEXPLORE.EXE
    2.0kB
    13.6kB
    18
    17

    HTTP Request

    GET https://lh3.googleusercontent.com/proxy/MI1vj8biHQqzeFfFdXAQTtDF550fkmgqptDp9gnCfTit2g_n3Sm1cf9m_UzxIh-ada0zaCIwV52AN9GQrgzOipJG9Xc=w72-h72-n-k-no-nu

    HTTP Response

    404

    HTTP Request

    GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uUvHq6Y-BZ4LJBAMX0-2eUOa2XY3orVA1EXQvWpYYvXeAXl2rNkcaNqFealpdtlE24Z-RAxRuzjUBqp2QOIULHwjU9rBxu8pF_q1hrFp0lc-UOD62tJKtZdexm7MccgN1pDg=s0-d

    HTTP Response

    200
  • 142.250.200.33:443
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vQ97kuTF8VNAbgExvb7CRIyZP0YYDRcVeuTqxv6IC3ZAxAewqylcZ4x0cO1hAgA7WtBlt6jHrKsZYNFAouiuQSM22b2ZgsPyo=s0-d
    tls, http
    IEXPLORE.EXE
    2.0kB
    11.7kB
    16
    17

    HTTP Request

    GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vigVnWqym_vpYP0we3JDMBJx9aCOBr0iD6uhOtsPECFQYpdIAwuEpmrsSEEV3-c5XJ6SMTTW-E-pVRC9dWinNTVbwuWrGh_u2b=s0-d

    HTTP Response

    200

    HTTP Request

    GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vQ97kuTF8VNAbgExvb7CRIyZP0YYDRcVeuTqxv6IC3ZAxAewqylcZ4x0cO1hAgA7WtBlt6jHrKsZYNFAouiuQSM22b2ZgsPyo=s0-d

    HTTP Response

    200
  • 142.250.200.33:443
    https://lh5.googleusercontent.com/proxy/NjAUw71wtV9ayL9TVMI7P8aztgpyNzZNPlfQO43c_7o6GpPdc_jUzIffedoMK7oRrslmOtmgwLEw8kgq=s0-d
    tls, http
    IEXPLORE.EXE
    1.8kB
    13.2kB
    15
    16

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/T5nDK30cBcCaH06HgEPaN4APRcnXMHqjX-WMexxv5oGAiw6Z1FYDBT_VKCLuXP3cVECiyF7Hjkg4u2uVs1bgrDHmt9OIlGs=w72-h72-p-k-no-nu

    HTTP Response

    404

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/NjAUw71wtV9ayL9TVMI7P8aztgpyNzZNPlfQO43c_7o6GpPdc_jUzIffedoMK7oRrslmOtmgwLEw8kgq=s0-d

    HTTP Response

    200
  • 142.250.200.33:443
    https://lh5.googleusercontent.com/proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu
    tls, http
    IEXPLORE.EXE
    1.4kB
    12.0kB
    15
    16

    HTTP Request

    GET https://lh5.googleusercontent.com/proxy/Vh2UaAJlUNAJelHGjhJIMPaYNSLe5qYpsros1nxnD6jSMvgeGmX3w6G2F6Xy30FLblMrwQZd5pfOMynWFu7MIYfSTqiZB71r8Qar=w72-h72-p-k-no-nu

    HTTP Response

    404
  • 172.217.16.225:80
    http://4.bp.blogspot.com/-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg
    http
    IEXPLORE.EXE
    728 B
    4.5kB
    8
    7

    HTTP Request

    GET http://4.bp.blogspot.com/-Cc4oFF-qe0o/TqiJ8_j5I3I/AAAAAAAACOE/LQGdP2hG_3c/w72-h72-p-k-no-nu/simulanalog-guitar-suite.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/_VB5tXm7m6QU/TMfKFJMd8nI/AAAAAAAAABg/uuv0BMg63_I/w72-h72-p-k-no-nu/gamat.jpg
    http
    IEXPLORE.EXE
    755 B
    3.3kB
    9
    7

    HTTP Request

    GET http://4.bp.blogspot.com/_VB5tXm7m6QU/TMfKFJMd8nI/AAAAAAAAABg/uuv0BMg63_I/w72-h72-p-k-no-nu/gamat.jpg

    HTTP Response

    200
  • 172.217.16.225:80
    http://4.bp.blogspot.com/-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg
    http
    IEXPLORE.EXE
    727 B
    5.2kB
    8
    7

    HTTP Request

    GET http://4.bp.blogspot.com/-eVAZ4GRLCyk/TiqsG95rdJI/AAAAAAAACE4/hCGjzkBlUcU/w72-h72-p-k-no-nu/kjaerhus-effects-660-80.jpg

    HTTP Response

    200
  • 142.250.179.233:443
    https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8495722861526518967&zx=64487bf5-22a2-48f2-a391-d1fdfdfdcb44
    tls, http
    IEXPLORE.EXE
    4.5kB
    85.1kB
    54
    75

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/1527282520-widgets.js

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/1667664774-css_bundle_v2.css

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2961288418925170704&zx=6c728328-d8cc-42ea-95c1-ee436eb9468c

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

    HTTP Response

    200

    HTTP Request

    GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8495722861526518967&zx=64487bf5-22a2-48f2-a391-d1fdfdfdcb44

    HTTP Response

    200
  • 172.217.16.225:80
    http://3.bp.blogspot.com/-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png
    http
    IEXPLORE.EXE
    1.3kB
    14.6kB
    14
    14

    HTTP Request

    GET http://3.bp.blogspot.com/-EoBil2KZxB8/TlYVzoVFGlI/AAAAAAAACNY/7aDlrZwZ4Ec/w72-h72-p-k-no-nu/ambience-660-80.jpg

    HTTP Response

    200

    HTTP Request

    GET http://3.bp.blogspot.com/-VXmAJdQRHJ8/Tra8E16fZGI/AAAAAAAAClg/o5M632x9qX8/s1600/floatingfb.png

    HTTP Response

    200
  • 172.217.16.225:80
    3.bp.blogspot.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 142.250.187.196:80
    www.google.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 142.250.187.196:80
    http://www.google.com/jsapi
    http
    IEXPLORE.EXE
    578 B
    1.5kB
    7
    5

    HTTP Request

    GET http://www.google.com/jsapi

    HTTP Response

    301
  • 185.89.210.212:80
    http://ib.adnxs.com/seg?add=405193&t=2
    http
    IEXPLORE.EXE
    882 B
    1.9kB
    13
    5

    HTTP Request

    GET http://ib.adnxs.com/seg?add=405193&t=2

    HTTP Response

    307
  • 185.89.210.212:80
    ib.adnxs.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 64.233.184.82:80
    http://andreykusanagi.googlecode.com/files/pop-up.js
    http
    IEXPLORE.EXE
    597 B
    1.9kB
    7
    5

    HTTP Request

    GET http://andreykusanagi.googlecode.com/files/pop-up.js

    HTTP Response

    404
  • 64.233.184.82:80
    vicahya.googlecode.com
    IEXPLORE.EXE
    282 B
    132 B
    6
    3
  • 3.222.25.176:80
    www.reverbnation.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 3.222.25.176:80
    http://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif
    http
    IEXPLORE.EXE
    769 B
    632 B
    10
    6

    HTTP Request

    GET http://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

    HTTP Response

    301
  • 64.233.184.82:80
    vicahya.googlecode.com
    IEXPLORE.EXE
    282 B
    132 B
    6
    3
  • 64.233.184.82:80
    http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js
    http
    IEXPLORE.EXE
    611 B
    2.0kB
    7
    5

    HTTP Request

    GET http://mybloggertricks.googlecode.com/files/jquery.colorbox-min.js

    HTTP Response

    404
  • 104.21.235.214:80
    http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png
    http
    IEXPLORE.EXE
    643 B
    1.3kB
    7
    5

    HTTP Request

    GET http://icons.iconarchive.com/icons/deleket/folder/24/Mozilla-Thunderbird-icon.png

    HTTP Response

    404
  • 104.21.235.214:80
    icons.iconarchive.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 104.21.59.55:80
    http://www.lintas.me/assets/scripts/widget_v2.js
    http
    IEXPLORE.EXE
    645 B
    2.3kB
    8
    5

    HTTP Request

    GET http://www.lintas.me/assets/scripts/widget_v2.js

    HTTP Response

    301
  • 104.21.59.55:80
    www.lintas.me
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 64.233.184.82:80
    vicahya.googlecode.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 64.233.184.82:80
    http://imemovaz.googlecode.com/files/tripleflap.js
    http
    IEXPLORE.EXE
    549 B
    1.9kB
    6
    4

    HTTP Request

    GET http://imemovaz.googlecode.com/files/tripleflap.js

    HTTP Response

    404
  • 52.222.169.79:80
    http://js-kit.com/ratings.js
    http
    IEXPLORE.EXE
    619 B
    782 B
    8
    5

    HTTP Request

    GET http://js-kit.com/ratings.js

    HTTP Response

    301
  • 52.222.169.79:80
    js-kit.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 64.233.184.82:80
    http://vicahya.googlecode.com/files/like.js
    http
    IEXPLORE.EXE
    588 B
    1.9kB
    7
    5

    HTTP Request

    GET http://vicahya.googlecode.com/files/like.js

    HTTP Response

    404
  • 64.233.184.82:80
    vicahya.googlecode.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 52.223.39.56:443
    www.alertpay.com
    tls
    IEXPLORE.EXE
    799 B
    5.1kB
    10
    11
  • 52.223.39.56:443
    www.alertpay.com
    tls
    IEXPLORE.EXE
    799 B
    5.1kB
    10
    11
  • 185.89.210.212:443
    https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2
    tls, http
    IEXPLORE.EXE
    1.6kB
    6.7kB
    13
    11

    HTTP Request

    GET https://ib.adnxs.com/sbounce?%2Fseg%3Fadd%3D405193%26t%3D2

    HTTP Response

    307

    HTTP Request

    GET https://ib.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D405193%2526t%253D2

    HTTP Response

    200
  • 52.222.169.79:443
    js-kit.com
    tls
    IEXPLORE.EXE
    391 B
    219 B
    5
    5
  • 103.30.145.12:80
    http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    http
    IEXPLORE.EXE
    662 B
    720 B
    6
    5

    HTTP Request

    GET http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

    HTTP Response

    301
  • 103.30.145.12:80
    http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF
    http
    IEXPLORE.EXE
    661 B
    719 B
    6
    5

    HTTP Request

    GET http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

    HTTP Response

    301
  • 103.30.145.12:80
    http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    http
    IEXPLORE.EXE
    893 B
    681 B
    11
    4

    HTTP Request

    GET http://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

    HTTP Response

    301
  • 103.30.145.12:80
    http://banner.adsensecamp.com/images/banner/white-cloud.gif
    http
    IEXPLORE.EXE
    621 B
    616 B
    7
    5

    HTTP Request

    GET http://banner.adsensecamp.com/images/banner/white-cloud.gif

    HTTP Response

    301
  • 103.30.145.12:80
    banner.adsensecamp.com
    IEXPLORE.EXE
    420 B
    92 B
    9
    2
  • 3.222.25.176:443
    https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif
    tls, http
    IEXPLORE.EXE
    1.4kB
    7.1kB
    16
    15

    HTTP Request

    GET https://www.reverbnation.com/widgets/trk/40/artist_560616//t.gif

    HTTP Response

    200
  • 104.20.7.133:443
    t.ly
    tls
    IEXPLORE.EXE
    741 B
    3.6kB
    10
    9
  • 104.20.7.133:443
    https://t.ly/
    tls, http
    IEXPLORE.EXE
    1.6kB
    23.6kB
    23
    31

    HTTP Request

    GET https://t.ly/

    HTTP Response

    200
  • 52.222.169.79:443
    js-kit.com
    tls
    IEXPLORE.EXE
    353 B
    219 B
    5
    5
  • 52.222.169.79:443
    js-kit.com
    tls
    IEXPLORE.EXE
    288 B
    219 B
    5
    5
  • 52.222.169.79:443
    js-kit.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 3.164.163.90:80
    http://crt.rootg2.amazontrust.com/rootg2.cer
    http
    IEXPLORE.EXE
    366 B
    1.9kB
    5
    4

    HTTP Request

    GET http://crt.rootg2.amazontrust.com/rootg2.cer

    HTTP Response

    200
  • 3.164.163.59:80
    http://crt.rootg2.amazontrust.com/rootg2.cer
    http
    IEXPLORE.EXE
    366 B
    1.9kB
    5
    4

    HTTP Request

    GET http://crt.rootg2.amazontrust.com/rootg2.cer

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    635 B
    2.9kB
    7
    5

    HTTP Request

    GET http://c.pki.goog/r/gsr1.crl

    HTTP Response

    200

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    304
  • 142.250.178.3:80
    http://c.pki.goog/r/r4.crl
    http
    IEXPLORE.EXE
    560 B
    5.0kB
    7
    6

    HTTP Request

    GET http://c.pki.goog/r/gsr1.crl

    HTTP Response

    200

    HTTP Request

    GET http://c.pki.goog/r/r4.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r4.crl
    http
    IEXPLORE.EXE
    639 B
    2.3kB
    7
    6

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200

    HTTP Request

    GET http://c.pki.goog/r/r4.crl

    HTTP Response

    304
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    685 B
    2.3kB
    8
    6

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    304
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 142.250.178.3:80
    http://c.pki.goog/r/r1.crl
    http
    IEXPLORE.EXE
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 103.30.145.12:443
    https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF
    tls, http
    IEXPLORE.EXE
    2.0kB
    7.3kB
    13
    11

    HTTP Request

    GET https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=12&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

    HTTP Response

    200

    HTTP Request

    GET https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=cfBjHTpD6nY%3D&chan=AtLgDWx9iTQ%3D&type=1&title=FFFFFF&text=E6E6E6&background=333333&border=333333&url=FFFFFF

    HTTP Response

    200
  • 103.30.145.12:443
    adsensecamp.com
    tls
    IEXPLORE.EXE
    964 B
    3.2kB
    9
    8
  • 103.30.145.12:443
    banner.adsensecamp.com
    tls
    IEXPLORE.EXE
    893 B
    3.0kB
    8
    6
  • 103.30.145.12:443
    https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F
    tls, http
    IEXPLORE.EXE
    1.5kB
    5.2kB
    11
    9

    HTTP Request

    GET https://adsensecamp.com/show/?id=S%2Fwv5473xxI%3D&cid=xoxibs15%2BiU%3D&chan=P4ULcDYO4Yw%3D&type=5&title=3D81EE&text=000000&background=FFFFFF&border=000000&url=2BA94F

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1
    http
    IEXPLORE.EXE
    1.5kB
    5.4kB
    12
    9

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHfMFj7ryzP0CsHo3ZM9KEM%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD8Elu9WzbqaxI7ClVJiEyf

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1
    http
    IEXPLORE.EXE
    834 B
    1.6kB
    8
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEGS1aFxLrgiFENraIps2Bvk%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC3gQMnBGSIGwmQ9S3atUk1

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc
    http
    IEXPLORE.EXE
    1.5kB
    5.4kB
    12
    9

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFcPvTXkgd7BCifc%2Fa9Bw7s%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEEUyArXDgv5bErfGwqRT1wQ%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS
    http
    IEXPLORE.EXE
    1.1kB
    1.6kB
    9
    5

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHfMFj7ryzP0CsHo3ZM9KEM%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw
    http
    IEXPLORE.EXE
    1.1kB
    1.6kB
    9
    5

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw
    http
    IEXPLORE.EXE
    1.1kB
    1.6kB
    9
    5

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD%2FJGkw7LweyQrQTN1Kw%2BZb

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCxSecd6RI1ygrRdV%2FPB3nw

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS
    http
    IEXPLORE.EXE
    1.1kB
    1.6kB
    9
    5

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEBq45CZh5KL8ELKDxLAxb88%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCLz%2BSnWsh5mRL0uewu4soS

    HTTP Response

    200
  • 142.250.178.3:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc
    http
    IEXPLORE.EXE
    1.2kB
    3.1kB
    10
    6

    HTTP Request

    GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEFcPvTXkgd7BCifc%2Fa9Bw7s%3D

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQC9BcftJg0xdgnj9UiwmG6n

    HTTP Response

    200

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCq7RI5SF5moQoe7hdhyE%2Bc

    HTTP Response

    200
  • 142.250.200.46:80
    http://www.google-analytics.com/ga.js
    http
    IEXPLORE.EXE
    1.3kB
    18.8kB
    16
    18

    HTTP Request

    GET http://www.google-analytics.com/ga.js

    HTTP Response

    200
  • 142.250.200.46:80
    www.google-analytics.com
    IEXPLORE.EXE
    288 B
    144 B
    6
    3
  • 2.18.190.203:80
    http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D
    http
    IEXPLORE.EXE
    479 B
    2.0kB
    5
    4

    HTTP Request

    GET http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D

    HTTP Response

    200
  • 2.18.190.211:80
    http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D
    http
    IEXPLORE.EXE
    479 B
    2.0kB
    5
    4

    HTTP Request

    GET http://r10.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRpD%2BQVZ%2B1vf7U0RGQGBm8JZwdxcgQUdKR2KRcYVIUxN75n5gZYwLzFBXICEgPk1%2BM1ov5Ios2tM%2B22MM3QLA%3D%3D

    HTTP Response

    200
  • 169.47.242.252:80
    http://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0
    http
    IEXPLORE.EXE
    722 B
    1.1kB
    9
    6

    HTTP Request

    GET http://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

    HTTP Response

    301
  • 104.20.2.69:80
    http://s10.histats.com/js15_gif.js
    http
    IEXPLORE.EXE
    1.0kB
    10.0kB
    11
    11

    HTTP Request

    GET http://s10.histats.com/js15.js

    HTTP Response

    200

    HTTP Request

    GET http://s10.histats.com/js15_gif.js

    HTTP Response

    200
  • 169.47.242.252:80
    chatroll.com
    IEXPLORE.EXE
    236 B
    132 B
    5
    3
  • 104.20.2.69:80
    s10.histats.com
    IEXPLORE.EXE
    466 B
    92 B
    10
    2
  • 142.250.200.14:80
    http://developers.google.com/
    http
    IEXPLORE.EXE
    613 B
    690 B
    7
    5

    HTTP Request

    GET http://developers.google.com/

    HTTP Response

    301
  • 142.250.200.14:80
    developers.google.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 54.39.128.162:443
    https://s4.histats.com/8005.gif?2263124&@f16&@g0&@h2&@i1&@j1736380844150&@k98&@l2&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:103181007&@b3:1736380844&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w
    tls, http
    IEXPLORE.EXE
    2.1kB
    6.2kB
    11
    9

    HTTP Request

    GET https://s4.histats.com/8005.gif?2263124&@f16&@g0&@h2&@i1&@j1736380844150&@k98&@l2&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s8005&@ten-US&@u1280&@b1:103181007&@b3:1736380844&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w

    HTTP Response

    200
  • 54.39.128.162:443
    https://s4.histats.com/stats/2263124.php?2263124&@f16&@g1&@h1&@i1&@j1736380844052&@k0&@l1&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:164451947&@b3:1736380844&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w
    tls, http
    IEXPLORE.EXE
    2.1kB
    3.8kB
    11
    9

    HTTP Request

    GET https://s4.histats.com/stats/2263124.php?2263124&@f16&@g1&@h1&@i1&@j1736380844052&@k0&@l1&@mG.F.A%20Production%20(Indie%20Label%20Rap%2FHip%20Hop)%3A%20aplikasi.107%20%3Clink%20href%3D'http%3A%2F%2F3.bp.blogspot.com%2F-vi72oL3XQA4%2FT36LfXegDvI%2FAAAAAAAAANM%2FqJ8KQgL_-ow%2Fs200%2Fgfa.gif'%20rel%3D'shortcut%20icon'%2F%3E%20%7C%20Gfa%20Production%20%7C%20Indie%20Label%20%7C%20Rap%20%7C%20Hip%20Hop%20%7C%20Gratis%20Download%20mp3%20%7C%20Audio%20%7C%20Tutorial%20%7C%20Tips%20and%20Trick%20%7C%20recording%20%7C%20mastering%20%7C%20mixing%20%7C%20Video&@n0&@o1000&@q0&@r0&@s600&@ten-US&@u1280&@b1:164451947&@b3:1736380844&@b4:js15.js&@b5:0&@a-_0.2.1&@vfile%3A%2F%2FC%3A%5CUsers%5CAdmin%5CAppData%5CLocal%5CTemp%5CJaffaCakes118_b3e435707172f7227f7e0cc676c56272.html&@w

    HTTP Response

    200
  • 169.47.242.252:443
    https://chatroll.com/push/D574BB92F0091ED2E9CEA0703887436A299/iframe/D574BB92F0091ED2E9CEA0703887436A299.b5?nc=1736380846901
    tls, http
    IEXPLORE.EXE
    6.1kB
    13.1kB
    27
    27

    HTTP Request

    GET https://chatroll.com/embed/chat/gfa-pro?id=9rJ9r33KRKA&platform=blogger&w=$0

    HTTP Response

    200

    HTTP Request

    GET https://chatroll.com/t.gif

    HTTP Response

    200

    HTTP Request

    GET https://chatroll.com/service/engine.js;jsessionid=18ow9iy2tlquv1o5iy502n5pd51551846

    HTTP Response

    200

    HTTP Request

    POST https://chatroll.com/service/call/plaincall/ServiceInterface.connect.req

    HTTP Response

    200

    HTTP Request

    GET https://chatroll.com/push/D574BB92F0091ED2E9CEA0703887436A299/iframe/D574BB92F0091ED2E9CEA0703887436A299.b5?nc=1736380846901

    HTTP Response

    200
  • 172.217.16.225:80
    http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg
    http
    IEXPLORE.EXE
    647 B
    1.3kB
    7
    4

    HTTP Request

    GET http://lh3.ggpht.com/_beEpWOXwLJE/TIb57Lu4fwI/AAAAAAAABE0/q7niFVRbyNE/top-toolbar.jpg

    HTTP Response

    404
  • 172.217.16.225:80
    lh3.ggpht.com
    IEXPLORE.EXE
    236 B
    92 B
    5
    2
  • 142.250.200.14:443
    https://developers.google.com/
    tls, http
    IEXPLORE.EXE
    1.6kB
    43.2kB
    24
    36

    HTTP Request

    GET https://developers.google.com/

    HTTP Response

    200
  • 13.249.8.192:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D
    http
    IEXPLORE.EXE
    482 B
    2.1kB
    5
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D

    HTTP Response

    200
  • 13.249.8.192:80
    http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D
    http
    IEXPLORE.EXE
    528 B
    2.1kB
    6
    4

    HTTP Request

    GET http://ocsp.r2m03.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQqHI%2BsdmapawQncL1rpCEZZ8gTSAQUVdkYX9IczAHhWLS%2Bq9lVQgHXLgICEA1mLvJrwqUBl7M%2B9vMvwkA%3D

    HTTP Response

    200
  • 13.249.8.192:80
    http://ocsp.r2m02.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAKReGgg%2B%2BXxXhcXq%2FRGrf0%3D
    http
    IEXPLORE.EXE
    534 B
    2.1kB
    6
    4

    HTTP Request

    GET http://ocsp.r2m02.amazontrust.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRmbQtwnInkvkvr7BNFR%2BS2lTYPjAQUwDFSzVpQw4J8dHHOy%2Bmc%2BXrrguICEAKReGgg%2B%2BXxXhcXq%2FRGrf0%3D

    HTTP Response

    200
  • 2.18.190.203:80
    http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTEfEJQqx2pspw4N1nMaBtDiA%3D%3D
    http
    IEXPLORE.EXE
    748 B
    2.0kB
    6
    5

    HTTP Request

    GET http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D

    HTTP Response

    200

    HTTP Request

    GET http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgTEfEJQqx2pspw4N1nMaBtDiA%3D%3D

    HTTP Response

    200
  • 2.18.190.211:80
    http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D
    http
    IEXPLORE.EXE
    469 B
    1.0kB
    5
    3

    HTTP Request

    GET http://r11.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQaUrm0WeTDM5ghfoZtS72KO9ZnzgQUCLkRO6XQhRi06g%2BgrZ%2BGHo78OCcCEgQ7AX2Ie2RgJBWnOnbZdJN3rg%3D%3D

    HTTP Response

    200
  • 3.165.112.107:443
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.js
    tls, http
    IEXPLORE.EXE
    4.1kB
    144.0kB
    64
    111

    HTTP Request

    GET https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/embed/cached/embed.css

    HTTP Response

    200

    HTTP Request

    GET https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.js

    HTTP Response

    200
  • 3.165.112.107:443
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/init.js
    tls, http
    IEXPLORE.EXE
    1.4kB
    8.8kB
    13
    13

    HTTP Request

    GET https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/init.js

    HTTP Response

    200
  • 3.165.112.107:443
    https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.png
    tls, http
    IEXPLORE.EXE
    2.2kB
    32.8kB
    22
    31

    HTTP Request

    GET https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.css

    HTTP Response

    200

    HTTP Request

    GET https://dw3mgzt87vzb4.cloudfront.net/client/eedb7e73/module/cached/module.png

    HTTP Response

    200
  • 208.87.227.250:80
    http://www.scri8e.com/white.gif
    http
    IEXPLORE.EXE
    501 B
    1.1kB
    5
    5

    HTTP Request

    GET http://www.scri8e.com/white.gif

    HTTP Response

    200
  • 208.87.227.250:80
    www.scri8e.com
    IEXPLORE.EXE
    496 B
    352 B
    10
    7
  • 163.70.128.23:443
    connect.facebook.net
    tls
    IEXPLORE.EXE
    711 B
    3.7kB
    9
    9
  • 163.70.128.23:443
    https://connect.facebook.net/en_US/all.js
    tls, http
    IEXPLORE.EXE
    6.1kB
    180.0kB
    86
    147

    HTTP Request

    GET https://connect.facebook.net/en_US/sdk.js

    HTTP Response

    200

    HTTP Request

    GET https://connect.facebook.net/en_US/sdk.js?hash=cf3542434eb4649eee1864894124414f

    HTTP Response

    200

    HTTP Request

    GET https://connect.facebook.net/en_US/all.js

    HTTP Response

    200

    HTTP Request

    GET https://connect.facebook.net/en_US/all.js?hash=97c9e52f7900dcfc1673b727c0d6ed56

    HTTP Response

    200

    HTTP Request

    GET https://connect.facebook.net/en_US/all.js

    HTTP Response

    304
  • 52.222.196.33:443
    https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png
    tls, http
    IEXPLORE.EXE
    1.4kB
    7.4kB
    12
    13

    HTTP Request

    GET https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

    HTTP Response

    301
  • 52.222.196.33:443
    https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg
    tls, http
    IEXPLORE.EXE
    1.3kB
    7.4kB
    11
    12

    HTTP Request

    GET https://d167qii8h0pw75.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

    HTTP Response

    301
  • 18.155.128.195:443
    https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png
    tls, http
    IEXPLORE.EXE
    1.4kB
    8.5kB
    12
    12

    HTTP Request

    GET https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.png

    HTTP Response

    200
  • 18.155.128.195:443
    https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg
    tls, http
    IEXPLORE.EXE
    1.4kB
    8.3kB
    12
    12

    HTTP Request

    GET https://d33tru5sm6wy0x.cloudfront.net/images/D/E/F/DEFAULTUSER-resize_20x20.jpg

    HTTP Response

    200
  • 142.250.200.33:443
    https://lh4.googleusercontent.com/proxy/GIXx9RzNHSr4iLDX-DY9nggmDdLNxKff7iytSXnLTbZ30Ozqh4v-mI-JK55UPQoijlyLLTPIf2txmmZVXNJXT9I=s0-d
    tls, http
    IEXPLORE.EXE
    1.2kB
    10.7kB
    12
    13

    HTTP Request

    GET https://lh4.googleusercontent.com/proxy/GIXx9RzNHSr4iLDX-DY9nggmDdLNxKff7iytSXnLTbZ30Ozqh4v-mI-JK55UPQoijlyLLTPIf2txmmZVXNJXT9I=s0-d

    HTTP Response

    200
  • 142.250.200.33:443
    lh4.googleusercontent.com
    tls
    IEXPLORE.EXE
    854 B
    9.8kB
    12
    12
  • 142.250.200.33:443
    https://lh6.googleusercontent.com/-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg
    tls, http
    IEXPLORE.EXE
    1.9kB
    13.4kB
    16
    16

    HTTP Request

    GET https://lh6.googleusercontent.com/proxy/0Sqj0vC_8KuXI_QN2Zy60ifEtVelcuXJxq286gr1nxXXXWL8AYz0tVlyyEldLEwHesBnaQmWQqyZUFzPOtntllfh4f0L=s0-d

    HTTP Response

    200

    HTTP Request

    GET https://lh6.googleusercontent.com/-9h18YaUZujg/UN_qKjTg3lI/AAAAAAAAAJg/aPhX_V-o3i0/s90/382142_123356677826423_498008173_n%2520-%2520Copy.jpg

    HTTP Response

    404
  • 142.250.200.33:443
    lh6.googleusercontent.com
    tls
    IEXPLORE.EXE
    802 B
    9.7kB
    11
    11
  • 163.70.151.35:443
    www.facebook.com
    tls
    IEXPLORE.EXE
    753 B
    3.7kB
    10
    9
  • 163.70.151.35:443
    https://www.facebook.com/x/oauth/status?client_id=15760828052&input_token&origin=1&redirect_uri=https%3A%2F%2Fchatroll.com%2Fembed%2Fchat%2Fgfa-pro%3Fid%3D9rJ9r33KRKA%26platform%3Dblogger%26w%3D%240&sdk=joey&wants_cookie_data=true
    tls, http
    IEXPLORE.EXE
    1.3kB
    6.1kB
    10
    10

    HTTP Request

    GET https://www.facebook.com/x/oauth/status?client_id=15760828052&input_token&origin=1&redirect_uri=https%3A%2F%2Fchatroll.com%2Fembed%2Fchat%2Fgfa-pro%3Fid%3D9rJ9r33KRKA%26platform%3Dblogger%26w%3D%240&sdk=joey&wants_cookie_data=true

    HTTP Response

    200
  • 92.123.241.137:80
    http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
    http
    393 B
    1.7kB
    4
    4

    HTTP Request

    GET http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl

    HTTP Response

    200
  • 2.19.117.22:80
    http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
    http
    399 B
    1.7kB
    4
    4

    HTTP Request

    GET http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl

    HTTP Response

    200
  • 169.47.242.252:443
    https://chatroll.com/service/call/plaincall/ServiceInterface.disconnect.req
    tls, http
    IEXPLORE.EXE
    1.6kB
    1.0kB
    10
    7

    HTTP Request

    POST https://chatroll.com/service/call/plaincall/ServiceInterface.disconnect.req

    HTTP Response

    200
  • 172.217.16.225:80
    damncok.blogspot.com
    IEXPLORE.EXE
    190 B
    92 B
    4
    2
  • 172.217.16.225:80
    http://damncok.blogspot.com/
    http
    IEXPLORE.EXE
    531 B
    836 B
    6
    5

    HTTP Request

    GET http://damncok.blogspot.com/

    HTTP Response

    301
  • 172.217.16.225:443
    https://damncok.blogspot.com/js/cookienotice.js
    tls, http
    IEXPLORE.EXE
    3.2kB
    72.1kB
    41
    64

    HTTP Request

    GET https://damncok.blogspot.com/

    HTTP Response

    200

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/default/-/Profil?orderby=updated&alt=json-in-script&callback=labelthumbs

    HTTP Response

    200

    HTTP Request

    GET https://damncok.blogspot.com/js/cookienotice.js

    HTTP Response

    200
  • 76.223.54.146:443
    yourjavascript.com
    tls
    IEXPLORE.EXE
    733 B
    3.9kB
    9
    8
  • 76.223.54.146:443
    yourjavascript.com
    tls
    IEXPLORE.EXE
    681 B
    3.8kB
    8
    7
  • 172.217.16.225:443
    https://2.bp.blogspot.com/-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png
    tls, http
    IEXPLORE.EXE
    1.1kB
    8.1kB
    10
    12

    HTTP Request

    GET https://2.bp.blogspot.com/-ykvs-q-8rOY/TjjibooGvBI/AAAAAAAAALc/_bPrJCdPex4/s000/user.png

    HTTP Response

    200
  • 172.217.16.225:443
    https://3.bp.blogspot.com/-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png
    tls, http
    IEXPLORE.EXE
    1.2kB
    7.8kB
    11
    11

    HTTP Request

    GET https://3.bp.blogspot.com/-4nq8YdzDD4M/Tjjib1jpgUI/AAAAAAAAALg/-4dP1xJO3_M/s000/comments.png

    HTTP Response

    200
  • 172.217.16.225:443
    https://damncok.blogspot.com/feeds/posts/default/-/Download%20MP3?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999
    tls, http
    IEXPLORE.EXE
    1.7kB
    29.4kB
    21
    28

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/default/-/Download%20MP3?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999

    HTTP Response

    200
  • 172.217.16.225:443
    https://damncok.blogspot.com/feeds/posts/default/-/Video%20Clip?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999
    tls, http
    IEXPLORE.EXE
    1.4kB
    14.6kB
    14
    16

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/default/-/Video%20Clip?orderby=published&alt=json-in-script&callback=showrecentposts&max-results=999

    HTTP Response

    200
  • 142.250.200.33:443
    https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_twFWbmtzkc0DiMcSjNuZDfGPLffRvJFu9d3EVorxZ4d1ODQqtcTA1tMmCXonPsuxzJjOU4vwn9-xOJuafJkeRXFYDBNuAqoR_zGEiIEuuFpEWivVXEr41IqGaIozozGcp_gUn9=s0-d
    tls, http
    IEXPLORE.EXE
    2.0kB
    14.1kB
    14
    17

    HTTP Request

    GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_s4yqvcAgwdHRr9AqwjC6zjvOxLbTIX8quKyoQrtbakbzerZcHJUycPwjHOA6bNe9yTbfbMNw2pvQb7S22bT_UTadYYCx5M9SbjpmEbu6YALDw9S4EK2l008mUYHFXm5UM=s0-d

    HTTP Response

    404

    HTTP Request

    GET https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_twFWbmtzkc0DiMcSjNuZDfGPLffRvJFu9d3EVorxZ4d1ODQqtcTA1tMmCXonPsuxzJjOU4vwn9-xOJuafJkeRXFYDBNuAqoR_zGEiIEuuFpEWivVXEr41IqGaIozozGcp_gUn9=s0-d

    HTTP Response

    404
  • 142.250.200.33:443
    lh3.googleusercontent.com
    tls
    IEXPLORE.EXE
    840 B
    9.8kB
    11
    12
  • 172.217.16.225:443
    https://damncok.blogspot.com/feeds/posts/default/-/Download%20MP3?orderby=updated&alt=json-in-script&callback=labelthumbs
    tls, http
    IEXPLORE.EXE
    1.6kB
    24.3kB
    18
    24

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/default/-/Download%20MP3?orderby=updated&alt=json-in-script&callback=labelthumbs

    HTTP Response

    200
  • 172.217.16.225:443
    https://damncok.blogspot.com/favicon.ico
    tls, http
    IEXPLORE.EXE
    2.2kB
    23.1kB
    19
    26

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/default/-/Galeri?orderby=updated&alt=json-in-script&callback=labelthumbs

    HTTP Response

    200

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=hitungtotaldata

    HTTP Response

    200

    HTTP Request

    GET https://damncok.blogspot.com/favicon.ico

    HTTP Response

    200
  • 172.217.16.225:443
    https://damncok.blogspot.com/feeds/posts/default/-/Video%20Clip?orderby=updated&alt=json-in-script&callback=labelthumbs
    tls, http
    IEXPLORE.EXE
    1.4kB
    14.5kB
    14
    16

    HTTP Request

    GET https://damncok.blogspot.com/feeds/posts/default/-/Video%20Clip?orderby=updated&alt=json-in-script&callback=labelthumbs

    HTTP Response

    200
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisEU9Zc2RwcjAxqaFhHxUzeYNbL2qBMSL8dHOIyOgDm5s-DKICXs1GiKOef0i9SMN4PA5_g4KDIOb5S66UZFcEY8gVouYjIqaVGRuzrg6yu-9VRlXQMy6o99Xb00DcLyzHHbzqyItYUAj5/s0/favorites.png
    tls, http
    IEXPLORE.EXE
    5.6kB
    167.2kB
    71
    130

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGwb1PvT9q73iFDWzhQtrAGkxUIHM7t5K_InUGGPGmjcgszU3ht42mL3djb6tx2-d9_EHOeG0rKE5o7JXelMcrLpVdoZB1MHt8BsbEYao-NZVSNpL65EiH6lxO4BmYwoBUXgD318kWARhq/s0/twitter.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwQRXlN7vL6DcBhLtpAXUT6mgAxABsrGuxftPvQDLUOnXhaYJQz6A_8Pm62X3aYKkEfBe8vJYASSQRIpE-0V0QxhFMgW9BF7kQ0fClEhp4DqzWtxlODg2BJ9RO7FiZGZjT8F1v2eTeRQk/s640/Mix-Culture.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinF733tWwNVgRd5c0e-U0vNrPxbtNTNET9gYhVfg2wRzOttbzXVG4OUiiyKnmLnQMZ41M-v4tuNhDPGJGJEQfZZIn5dXTNFFsQqA4GSrGmyCWSJ6OuYmFJMYdiE3j0g8HROs_6DNXY89rG/s0/twitter.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEisEU9Zc2RwcjAxqaFhHxUzeYNbL2qBMSL8dHOIyOgDm5s-DKICXs1GiKOef0i9SMN4PA5_g4KDIOb5S66UZFcEY8gVouYjIqaVGRuzrg6yu-9VRlXQMy6o99Xb00DcLyzHHbzqyItYUAj5/s0/favorites.png

    HTTP Response

    200
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg
    tls, http
    IEXPLORE.EXE
    7.1kB
    41.5kB
    32
    48

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0sExHprodzhz_M57g9Es6gHW2wwYP8WEDy13HqFF_ZgpWpUerzZF3zsIdZZ94Xa6UsYWaeL_tvq2UyKRkLBz_-Z7Cf7USu3JU4GR6MvWi_TjH8BMyd-80a8wPlqquB7Y30nqBWcnVJ9eP/s0/search.gif

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaR4-EKz_R28yq3Pwz1c8mDQS6T79m4IVoACVn9z8bGDzBMqVR4TgK05ykzA9Aj0d3uFJ-vGXUVW77Mwl4ayj6mIGgzVuVL3eOdib-tGdB_PcC2uv_00VduJhiE3Hk9gSa8kCfLsEJQoCi/s0/pagenav-seperator.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzoJmpGUFFmivvaL3cAzNm8BobImrxKsy0Fn5OzwNPsTBIcav5XBJWFuZyIIQ7pkqp_MWKg-jDluMlHudwG8kGpI7Vwh4VIIDdumtssz2iuUJjdJCZuZaGCQBqOfZSW7WkV-QreLFwWLo/s90/LOGO+2012+%25281%2529.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTWxc3jeOkTTGxjB0dul5tlrzp7Vor-w8aFoIm9unJll092Tip_xKFVDJ5TTAtMvoaJqLgXfJwsudGj_62YKDUu0aUcTsLKZ57jIRl-_fX_8FktaxIALVjX8t3qHBZvHcDlvUWpfmrQa3U/s0/digg.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnA447-vFzTmT6refOJsT3BJzMDWP9oVR1dUiBiCSdrQFfl9cmkv24EOFiWWMxQZMpLU0Mvj_ZzC5l3npPMsO7Yk00gsp9p3GPXzbU1vNW4o6CXj__PicEeMaS70fUl6oHhK31E8DfF-A/w72-h72-p-k-no-nu/1.JPG

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKT8q68RGwvjSkmVaCIkizUx-5s51qCUYm5LmyNIzYFpDZlBiZin3qi_TdtlaxA4Dps-lULmeS6AUr2yFGOsgYCerfF9w78ToM8Oyghe5IWutRFBv4FHBpBaGda1SDKini9nv_KOWZWTk/s72-c/_DSC6713.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1Mo2f_sVdkPx6xBO7BZ7dOKXBSVBxxreAe6gbvWL4TI8S6Z_9RtxALhVb_e7Ze7DLFm49LQBI-1JpuvaVkyHfTHA7u6M40-sPgELTH1X1LOOsAAerhH1tpxfJEgffbnDdCf50UDHsJjg/s72-c/Jancok+Beat+005.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1Sts3TqJkSwZK477g3oSeNs45LkujYvkYH4bXsxSpZvauqz2pttW3NEZfA2wCYGAy7UBq4tPVOq_01cVxqqalRBXKUDI8e6i8Y6NUL1zLtNHQ6kpkWPQpaWSZISpjaQgONqXQNNtQFQg/s72-c/hi-V+ft+Mickey+&+A.Rehap+-+Ambitious+Boy.wmv_thumbs_%5B2012.09.27_00.37.44%5D.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhit1JwWNF_QOcaDyslpAYNO4v0ZqodV5vO1vUyZe8o0RqOrQItcUCLXrKbDNO1Ty_9xcpY6G4PpXGaqeFzxw_95PSjrUAUxgvXvsV3_YHQyIDjnQVITWIY2DbvGyq0tQkY909XQAXw4ejd/s0/fleche2.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg

    HTTP Response

    304
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicmFdm2IHcNbVl37lby1kJqlev3V9_Y0ekJfKka37un4NzmSnGK__IZjmz-QiMhpUPcKIkLNZ63zSZ_9v9d8b98NBbAwqEjc7hiUa4mltQAJgrIzhXmrXnWJBWmsxyU6XXypy72uVhM3c/s72-c/Awdiss+ft+hiv+&+A.Rehap+-+I'm+the+35+(Gfa+Production).wmv_thumbs_%5B2012.06.07_21.04.08%5D.jpg
    tls, http
    IEXPLORE.EXE
    6.5kB
    41.3kB
    31
    46

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_chIc_oZf5k4XayHNuRwOfrJyHGw67gY1b0kyRIVYw7odrRSKEAtb9a1FfS57sa_rd0w2cXGD5Km8lHBoGwh3bSPLepyw0yX5AXEos5oMQPNFwzWYY2D3AwIo3jAWMfG1JDgQm3RVFGqT/s0/rss.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLCRYHKwrCXLkotMjqaplzXsl42MeHKE1Dm5HS0JM4eFFu2OBnZPfXDTH9FpiP9nqxIEOBdyaM8ATQ4mxO37tEG__ukqcq1AqsnnHN3MI5MN2BjIL9A3MhHpe-xSMgBEHt7rhWb_T5-5XC/s0/nav-bg.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/s1600/logogfa.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb5MXyfVrfLeLDX0wnmhCTfFPKwniZomAnCGTbpvTAT95YMtocpPIkGNxBKd9V61GeRnZX45YPqyAcrER7LYHElMmHgPyEXdTNnOJsDb5d22lXF0VUTgty7yYTFhpFSVJNHTQcQJsRkw38/s0/facebook.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/w72-h72-p-k-no-nu/logogfa.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhinjYZDPk8W-0sLgRlhuPjxSLTBI6YYkYMFP_pgb-IIKg9_ro-cGnYJUk6CdjMZD0Y7JkeopwJEMcOLDGfyj5sp-AO9ts5YS-qX6wTaIDMDgYDiABa5twvPOiUtncm4My1LVZs7Ew_ZXE/s72-c/logogfa.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-vhpxL99DXifWv29kMUgS99dqMuSfnF4r4BPnw4Ut_Ua2gjedpvI_Zeli3UIaiAQ1YjfUMEEuQT9GPZt201JhOIPwyKc7PMbCCMjZ8EpeP5zfZc3IqfyZ-PrzkhtAQHEhk2qnRLXySm4/s72-c/IMG_4683.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtHFs056XesvDpnbqjym2wfJ-RGroJlDLUFamuGwthEZ8llkvjo78yW3r5EQEwEm3oiOtWoXqYXVajCw7WUen3K1M4RGgJeb_pz_nIrG4hTmI26yzF7yZ_T4LICKQQ_G5Wg6afODNjULs/s72-c/601073_366129290119784_1740891671_n.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicmFdm2IHcNbVl37lby1kJqlev3V9_Y0ekJfKka37un4NzmSnGK__IZjmz-QiMhpUPcKIkLNZ63zSZ_9v9d8b98NBbAwqEjc7hiUa4mltQAJgrIzhXmrXnWJBWmsxyU6XXypy72uVhM3c/s72-c/Awdiss+ft+hiv+&+A.Rehap+-+I'm+the+35+(Gfa+Production).wmv_thumbs_%5B2012.06.07_21.04.08%5D.jpg

    HTTP Response

    200
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg24hGlT5xlcdQuv2ekPqtBYrOn2DYDJXnJLUx3W1Y8OHRmmUBhkjOf840ns_UV6JVk8a76Id7zYlii55EEseQ6TgucQAFGrDJaxSE2LiWWYA6vm_Fe54y18FoZD7miFcTRKNjgcIcPWP-m/
    tls, http
    IEXPLORE.EXE
    7.0kB
    108.8kB
    54
    92

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjacljnkGg1apNLagne4NbpgiChtfqqC-NyX8f42lxD-EItHDp55LyX4V3XlU_SFdf8jO1pfUjYzgfcW0TMQpmkxNtzJo4laTOZHfvMac-AIKrPHOtcagp3bpFsas2fdE4Y5iAHzS85lkg/s1600/543777_122801967881894_1611834920_n.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYDWfH3aa4mtWdHUUzz9aYfTlhL4qVOv3LnFWgUkggSRLg2vPhg4LUE3jjo3qxcZgk6KxFoCahicPhi0Pi0mLxnQTdZJBiZgYzWfBlhEbe2SP2M0nLQech68nm5efW_4BNIYMiMLXw8IL_/s0/nav-hover.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinEmq566cmspi7eGFfO_UXZn8_t65fjroYCG9Id44tAqVIxSjQ11lm23qqEnbYWvp9S65rd77vjAv7X4lslC6QoSX8Xj_PTPK5VTJKq7MGBYVIeOv7rz_rxyqwVJQ9Ezx2uT-sjPT2N2A/s320/860869_373877826052493_1157731708_o.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0x6YmdWqo5tCZYIu7xI6-CYU_WmKnY6kYrcaZPoE2aI-8hVmEJsikklbO4VIoGuQafR5JmLQ-mKl6cXeGlxsC1I3OgMVtvo0uclgxtgcNItiRTRret8uBxKTMEWhIbNvG7zJzVZD7HGvJ/s0/stumbleupon.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCHr98aG9ah1qq3vgOQk3Y2ijahFSfr7uEiUR61VU1u1H4DrYdWKzsl0xVYS681e8Z86GnsV0UA_3efFTyDhuYFq3YzKSsGbeX3-AwTz7pfRfuo-eYJCPTlNPTV-UxrDz7rZIF6f1ofU0/s72-c/223990_3578959391255_925619459_n.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSO8_UuZURfw9mfQLhLp5-2mC0MCJkx_StWuvTkO1ZUelJphxTWG9V-PV-I-yJcetwX4b2TdgcYuwxZqcP0nY0i4s8y6blMAyU1IkoMj_lP1S8amoWwsawtTCajCVctFv0YGmT6mYATPU/s72-c/LB_Flow.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg24hGlT5xlcdQuv2ekPqtBYrOn2DYDJXnJLUx3W1Y8OHRmmUBhkjOf840ns_UV6JVk8a76Id7zYlii55EEseQ6TgucQAFGrDJaxSE2LiWWYA6vm_Fe54y18FoZD7miFcTRKNjgcIcPWP-m/

    HTTP Response

    200
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSBMD1Ugmv_AXj_zmQpgKE5HXWRL1MycJVazGMyxDFu7hUUxSqTVAIz870XHKxHNClexkVODVrUNf1mPCq2wPRPu2cmmPU0C9NqnrjBRsAmME2hTrxQDyuzW4i4vKAFBIJp027jqHSqpvq/s0/more.png
    tls, http
    IEXPLORE.EXE
    8.0kB
    301.5kB
    122
    225

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiwhYGRNZWCOLoXh42m8tge7YFswTVD8hNrHiwe1HFp0YIrAGQGHNNjlb9csOrY5h1aKDSBoABjJa8byooJ0vQbDw0D8UDUFOhE5xaEdsu1US_3F3FaKZOl50rwC-woqxpG088RW0jECw/s1600/lyric.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiesjVwaV1NxoYBTLwe62s6seaYf43Y_stFACD4mKUt-idP84Sa5vwQnXO1_k2SWdQaOYItRtfM9pHkAzBqwv0tJ-1LbbucJa3RoGrIriTrD1_wJ8u2nHT-ZVkQOLM8bo6Q49ME78uQVck/s640/Desain.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgo9PJSco70Bd4Abi8kUzX7oG5r4Zd5NNPARnhD36rv6vI__oGYHdxHDi-Pg_RMgG6phib0sFPdwOacnc_-3Lc0TEsgE61Fpe8pynZl9H_1G3H3qWm2by5S-_RtP2iBh-_YX9W1H83Za0Pn/s90/553764_481897048520709_306664410_n.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSBMD1Ugmv_AXj_zmQpgKE5HXWRL1MycJVazGMyxDFu7hUUxSqTVAIz870XHKxHNClexkVODVrUNf1mPCq2wPRPu2cmmPU0C9NqnrjBRsAmME2hTrxQDyuzW4i4vKAFBIJp027jqHSqpvq/s0/more.png

    HTTP Response

    200
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmqHR4Le-b2rzz4gPavvH8pE-Eb3ht8Hm6Xer8AT_PEDo_Upl1iZ10gUacQHM3stNYEREZfaU4JdAwizmgxe1iF7flawpa-5VUhSw6e5A_AFKcZcBfdWe_9liqOluI9cTJp8VosGW-YSkU/s0/bullet.png
    tls, http
    IEXPLORE.EXE
    9.6kB
    296.4kB
    122
    227

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghp3-foulrQhogzhGSIohS2Z3f61aWWL4Qzxx5q83JPDyhIvp817Sk5gUAmpCMSP2fBZM0aKvxhT3KW1OcxLWvFdWqkkRROJ5qTKVdVIEcyt_DnVnkMRMxIa75R675p64npndW0xBKJpo/s1600/Video-Clip.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIx0qBolID0xTg6qLrAJnQ41ZEBIW62kc-CI5Hs6cGB_QWGgcgDnA3EO4hqjmBYDrOuOLosPr9HaqbasFhad8AzlMMpuRBW83J_1VWVwx-svcbjMMHEAIMlSNq0DXK4yOWRPRHfcu_1iR7/s0/delicious.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxwgq9TvkIgjFeggWAUYIp1UZZY_BB_s0D4yiKZHK8wRQqiYH7usL9WqrpYpUI9puyLZjSBs3sglBniC9NlLtgdDepBDnsVNIE3ETHPqgXEQWBKoJ72s5xr72VNafCBJghoMAZlRZx-zY/w72-h72-p-k-no-nu/555365_443342835734734_252522684_n+(2).jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwWYgX8knmEUO_v1K9ye3tQa0S7VzbU9KFqgexKbmwcQh0LIA9NtJ2koTakQ9X_0rDyFKkiAlt0yeMaBk4XB-2B-9_kiWogkwyunAfIdKVeKgJg9OWjFmTXDj8nrNvG-DJ2HCgtsNsHYk/s72-c/I%2527m+.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXWr1G9-7oQJcXzlivQ1V4wFZyU-460TOF_YkbykwYYc1pKXKPGuegjHk4R6KGQB6hnhPMgcfvVP3Lmzqdmc4ulnIGn9taDWLVgaiPSsZexA8x_hwvp1AUmm6yqXZLMhvsOtEW1ekWPuA/s72-c/get+money.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmqHR4Le-b2rzz4gPavvH8pE-Eb3ht8Hm6Xer8AT_PEDo_Upl1iZ10gUacQHM3stNYEREZfaU4JdAwizmgxe1iF7flawpa-5VUhSw6e5A_AFKcZcBfdWe_9liqOluI9cTJp8VosGW-YSkU/s0/bullet.png

    HTTP Response

    200
  • 64.233.184.82:443
    coepoe.googlecode.com
    tls
    IEXPLORE.EXE
    712 B
    4.8kB
    9
    9
  • 64.233.184.82:443
    https://coepoe.googlecode.com/files/label.js
    tls, http
    IEXPLORE.EXE
    1.1kB
    6.7kB
    10
    10

    HTTP Request

    GET https://coepoe.googlecode.com/files/label.js

    HTTP Response

    404
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSMseZw_CENJryW6o-zRl4XzZitJW16-J9wdbGlICZqhkAZZ0PERWXCSkTHa16yMAGQR9IDY_UA47dj3hTIUBdyZ58OJiOR66h2IONV6N_Wd6FGbwak-OCO5Ot7F9b8jmy5GSyYUQMp5rW/s0/loading-bar-black.png
    tls, http
    IEXPLORE.EXE
    5.2kB
    34.1kB
    26
    39

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOnu2j_7HspR0ZGP4lhh8lGIauV7PHDXh8QujyoN5fJSMVhgIisGAoYhPfJvztFxl9lSq2SWveC3igxkpD0OPRE5fStSUCwvF8fZViocwCMGSrY_-3DxVk0zFLGpcj-pgDzMXAY20VkmO2/s0/search-bg.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjVdu0levN66oGy_1mpbTUN3LJRZkiAgAcd9K_Og6a4bemD_87vTZppKlh_2QFMv62u7BEa9xt6_saZ4jUYCN8VIxS0_FiM_HksPcX0e29KdxsAgQr_7I7Mqux83dOdrgXos3fgFxNnT9d/s90/270528_240480355979243_1789834_n.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLL2ZQsN4g_1RFpzbBl5Uo-_xgk-Dw4h4mCUFkB8ef-cFBUJKBPX2c0IlOB9_rB0MPyBPh6rvP98HRo-iPyL8pf1iu9zo57G7gNJxF8pe5sewBZVGSCG4CdToxjmD9GV5HYBlnDV9VNbs/w72-h72-p-k-no-nu/hi-v+05.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQJ6JF_4t8MRHUY8Xn3gmv1ml3nwG8DFg_Erp5W-yqNUZu9zjvgWPXgKlq6yS3D-nXkeqz21jpofN5tI5Zugk6rwMyNFKS6Nk7fmXGwZst8wpX6hDvkYOXqJyn7Y_-gWu9FU3-SzmVP2Y/s72-c/463132_340191512713562_1110129633_o.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrbTMP0Pqwb3TKXca9DbDA7t5Eeb35lmmXA5wxAa_TXFxA_vDi_J0QStwiTV4ODwpEqjcLmvxdcDO1PwZzyBjYgIjLW6OloEY8vJLaJRvQELnCfXIAWgiC6Y8gNtaFlhrm7FJxJyX0794/s72-c/poster.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMesOAFuugNog2pmXyYtpVH_2YTTVrvlm-ktxXyxAXxumW0ifQ_pduNy566nv_5nOQTADcAQp4pEnOZXoDhpYfHKVPHmOPRvAKxaA7q-_D6ufOadygYEE1s6KUAeoJE4tYJHAQdq3t6zAC/s0/footer-bg.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSMseZw_CENJryW6o-zRl4XzZitJW16-J9wdbGlICZqhkAZZ0PERWXCSkTHa16yMAGQR9IDY_UA47dj3hTIUBdyZ58OJiOR66h2IONV6N_Wd6FGbwak-OCO5Ot7F9b8jmy5GSyYUQMp5rW/s0/loading-bar-black.png

    HTTP Response

    200
  • 142.250.200.33:443
    https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg
    tls, http
    IEXPLORE.EXE
    7.9kB
    45.8kB
    37
    54

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLg8yqHY3bdWJXoDMNhrMCDiGU3BfbT6Ri4qQ4UQqEMObrjU3604r4XY7V1EIBN3vbmRtrd71edt7xpskudpthEx-9vJWM-kxtck6iDWXyGemS6scRK6FWqOxM0lBrlHu9kRMYLs8ZzZ1S/s0/container-bg.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAmcgmr9s77Y_Jrjy4LOZ7t2J01SAhel0VI3oxhe7Opokb91O-sQW9uqmEbGzze12WBnWyTzZqQjlQji2GJCjcQz4-Z8CLW6oXxEAjKXuKaiHqYrHU2uumd2avToVQWXsZCwe-kYphrZsO/h90/Untitled-1.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEFdMTq4UTpX_apbjWLqroBIA4zafvwdrmX2-BEMU-ZkJ_BAcFAAYyKrhnRjQXSsnwxJLdJcUgx_Fb6yz0G4cYwENYMmuwYBKXsY4L63f6ji2eKIh0ili0EwxDJ2V5g8BAgHKeUKThgak/w72-h72-p-k-no-nu/44+beat+scale.JPG

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgYtl7hi3hpNLMC_eFMeYtOOo-ET8T8DHtZZHhdzyO3DoRefL-2SgrNFtRSLCvQkAr8Go76nvSKpyI1SPumW_2jlFfwI8W3Khjpo_JOgphFZm6aq6cXzJrcnQrdKqIYH03SvLVyO8xhSZm/s0/post-line.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipwptZVgm_2r5qXWOBfNZNqpWnEYADZgy6UWHGY4bjsd1g8bLVFwEUjraLEfaIHBmLR34qPIdbtDLHisZWDbNE3qyIIG7IpeWVS9y1u2r9XvYaiqZNNzoheHVKq3GIRDNQJEukJmkyrko/s72-c/th_Parental-Advisory---Explicit-Lyrics.jpg

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3tue7iqju-fKZ5Y1rOsoWA2MPQaJN_G3-cu9fAOmoIgsr5ZhfZLr7JCr48uHhKBWQvJb8t08mrVI4D4nGdBdGq_pZw0vJkX60WF3Jpgb-ETCKEhWJn5pUDxdHdYy4FPGIj2YAGVsUGGp4/s0/sidebar-tab.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEir_BQsdlW5HCpTsJHIXNRAs_Fq-gkrr_-8wnTB8aXoe7roXjoD-02ZATBnpy7Xbx44VDaEcdfO_v24JjdIwvmMCSzZaorIcUmCEccsmH4QwUyme8OaZcJb1W1uBvaW2hzTAu7mU09B9w1_/s0/fleche1.png

    HTTP Response

    200

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghp3-foulrQhogzhGSIohS2Z3f61aWWL4Qzxx5q83JPDyhIvp817Sk5gUAmpCMSP2fBZM0aKvxhT3KW1OcxLWvFdWqkkRROJ5qTKVdVIEcyt_DnVnkMRMxIa75R675p64npndW0xBKJpo/s1600/Video-Clip.jpg

    HTTP Response

    304

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwQRXlN7vL6DcBhLtpAXUT6mgAxABsrGuxftPvQDLUOnXhaYJQz6A_8Pm62X3aYKkEfBe8vJYASSQRIpE-0V0QxhFMgW9BF7kQ0fClEhp4DqzWtxlODg2BJ9RO7FiZGZjT8F1v2eTeRQk/s640/Mix-Culture.jpg

    HTTP Response

    304

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiesjVwaV1NxoYBTLwe62s6seaYf43Y_stFACD4mKUt-idP84Sa5vwQnXO1_k2SWdQaOYItRtfM9pHkAzBqwv0tJ-1LbbucJa3RoGrIriTrD1_wJ8u2nHT-ZVkQOLM8bo6Q49ME78uQVck/s640/Desain.jpg

    HTTP Response

    304

    HTTP Request

    GET https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3eYbglwVgUgrIdO-Rq6PbRrJkuXL8zE-aZq2LN1ZxvJv1ut3LnmpYo0VmWwOeI7BMeuGt1R-GucVE_J2QkZF3g4e17XGWZkWpCKdGoDDksbRpbIVGqTUiEzqnqitBmtFOT9DwsN35tNg/s1600/Jancok-Beat.jpg

    HTTP Response

    304
  • 76.223.54.146:443
    yourjavascript.com
    tls
    IEXPLORE.EXE
    681 B
    3.8kB
    8
    7
  • 151.101.188.157:443
    platform.twitter.com
    tls
    IEXPLORE.EXE
    751 B
    4.7kB
    9
    11
  • 151.101.188.157:443
    platform.twitter.com
    tls
    IEXPLORE.EXE
    751 B
    4.7kB
    9
    11
  • 142.250.187.206:443
    https://www.youtube.com/youtubei/v1/log_event?alt=json
    tls, http
    IEXPLORE.EXE
    38.0kB
    934.1kB
    453
    683

    HTTP Request

    GET https://www.youtube.com/s/player/a5032d18/www-player.css

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/a5032d18/player_ias.vflset/en_US/base.js

    HTTP Response

    200

    HTTP Request

    POST https://www.youtube.com/api/stats/qoe?cpn=CtDoN3_lpIdXT9H7&el=embedded&ns=yt&fexp=v1%2C24004644%2C434717%2C127326%2C26443548%2C7111%2C36343%2C9954%2C34656%2C46919%2C12193%2C19100%2C26505%2C1313%2C18053%2C591%2C7505%2C5541%2C1823%2C3186%2C7706%2C6942%2C408%2C20473%2C8%2C10631%2C9243%2C1581%2C1690%2C14%2C3943%2C2%2C120%2C366%2C1684%2C4903%2C3025%2C2980%2C5922%2C3612%2C651%2C681%2C6266%2C2049%2C705%2C553%2C842%2C2634%2C2706%2C2261%2C7764%2C2286%2C1756%2C4292%2C916%2C31%2C3313%2C436%2C6258%2C17%2C1740%2C1892%2C3420&cl=712772113&seq=1&event=streamingstats&docid=o6T1zCHUdcI&cbr=IE&cbrver=11.0&c=WEB_EMBEDDED_PLAYER&cver=1.20250106.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=6.1&cplatform=DESKTOP&vps=0.000:N,0.004:ER&cmt=0.004:0.000,0.004:0.000&vis=0.004:0&bh=0.004:0.000&qclc=ChBDdERvTjNfbHBJZFhUOUg3EAE

    HTTP Response

    204

    HTTP Request

    POST https://www.youtube.com/youtubei/v1/log_event?alt=json

    HTTP Response

    200
  • 142.250.187.206:443
    https://www.youtube.com/s/player/a5032d18/player_ias.vflset/en_US/embed.js
    tls, http
    IEXPLORE.EXE
    6.4kB
    193.2kB
    96
    148

    HTTP Request

    GET https://www.youtube.com/embed/o6T1zCHUdcI

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/a5032d18/www-embed-player.vflset/www-embed-player.js

    HTTP Response

    200

    HTTP Request

    GET https://www.youtube.com/s/player/a5032d18/player_ias.vflset/en_US/embed.js

    HTTP Response

    200
  • 142.250.187.206:443
    www.youtube.com
    tls
    IEXPLORE.EXE
    894 B
    7.0kB
    12
    9
  • 142.250.200.14:443
    https://img.youtube.com/vi/XxVJ6-WayXs/default.jpg
    tls, http
    IEXPLORE.EXE
    1.3kB
    12.5kB
    11
    14

    HTTP Request

    GET https://img.youtube.com/vi/XxVJ6-WayXs/default.jpg

    HTTP Response

    200
  • 142.250.200.14:443
    https://img.youtube.com/vi/LaF4yg8m3-k/default.jpg
    tls, http
    IEXPLORE.EXE
    1.3kB
    8.6kB
    10
    12

    HTTP Request

    GET https://img.youtube.com/vi/LaF4yg8m3-k/default.jpg

    HTTP Response

    404
  • 142.250.200.14:443
    https://img.youtube.com/vi/qA28tEgsCV4/default.jpg
    tls, http
    IEXPLORE.EXE
    1.3kB
    11.3kB
    11
    14

    HTTP Request

    GET https://img.youtube.com/vi/qA28tEgsCV4/default.jpg

    HTTP Response

    200
  • 142.250.200.14:443
    https://img.youtube.com/vi/FnMY8QqxOws/default.jpg
    tls, http
    IEXPLORE.EXE
    1.3kB
    8.6kB
    10
    12

    HTTP Request

    GET https://img.youtube.com/vi/FnMY8QqxOws/default.jpg

    HTTP Response

    404
  • 216.58.201.98:443
    googleads.g.doubleclick.net
    tls
    IEXPLORE.EXE
    764 B
    4.8kB
    10
    9
  • 216.58.201.98:443
    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
    tls, http
    IEXPLORE.EXE
    1.4kB
    6.8kB
    11
    13

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id

    HTTP Response

    302

    HTTP Request

    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

    HTTP Response

    200
  • 142.250.187.230:443
    https://static.doubleclick.net/instream/ad_status.js
    tls, http
    IEXPLORE.EXE
    1.2kB
    6.4kB
    12
    11

    HTTP Request

    GET https://static.doubleclick.net/instream/ad_status.js

    HTTP Response

    200
  • 142.250.187.230:443
    static.doubleclick.net
    tls
    IEXPLORE.EXE
    713 B
    4.8kB
    9
    9
  • 172.217.169.74:443
    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
    tls, http
    IEXPLORE.EXE
    4.0kB
    54.5kB
    32
    49

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

    HTTP Response

    200

    HTTP Request

    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

    HTTP Response

    200
  • 151.101.188.157:443
    platform.twitter.com
    tls
    IEXPLORE.EXE
    610 B
    544 B
    7
    7
  • 172.217.16.226:443
    https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250107&jk=3776034525245807&bg=!LyylLGPNAAYEOS4OJDk7ADQBe5WfODr-xLaXcffcgGFB5vcMXdMMGsgswsD2vRhVWxDbnKAuGfkFF8E4OBFGosxWJZwgAgAAAaNSAAAAG2gBB34AOkn0VhnygV-6YWy0kvomgshFgRpf1G11GALutx4E3zxhq4V_FNdw0IInL01eLFkejwPko8liNzhW35KZAg_bEkNBv9qgZCHC8KhozLrRevBZbu0VPY659WgUWvjqpCns6ezOZHiIaRS8OLDpHTGYwOakbbFWFWKqobYC5OIbwQvFnxQOOgNuB4m-JP2P8wZPDFzjfc458kwS8CFP2jgVLjHNXKvy2d7aI3VCtbvurC2x7dgbPryhsGK2QjncBpLUhXHl3c-SxWbeZdtDyjdkKJfPW4otHzbKArDqROBo3CHlc4SeSuLypChIjTVx_Zn4PHfhs01rvxlJ3aKSHIZugwg0shbhbAtRdKWFdK-KjzrfDdtL3hUYZ57vg_zCPyhQOEWYyp3rJKSPVnMAAlbqu901CS043XDCuo96xJVX5ASBjNJa0EKRW4Jel7ZHLeWoFvaEEAJf2Tar25HDZkBGnfnnDAiU21a9gn6Da6jTtScKFpeQP-ACmwwav3-LzUhnhCMJrISzxCzsZKdODpyBo3dfmJTvfdWl_SYB_NpJNG8kTQC-ZLyYJvQMK0e9_h_AbCC9CONRaL8W7nkBIwJbi3kwhHxmoC-cBT4UxJbeszN3fx69gJUMMDxpfecXHYcytThPcghOqOq5OEcCm2LxzvkQuy9jVmIPMdb8BGLszgUb-lyXP-0nO_cLJtd4C75vCWAtsqCMh4fbK7tRtuKE49ipdxs7mUd-aifu_FAS4hSqT8RM4cD_S9tM8RMKbh_-aAiehwrqI6pXQ9Ygug
    tls, http
    IEXPLORE.EXE
    2.8kB
    21.0kB
    18
    23

    HTTP Request

    GET https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250107&st=env

    HTTP Response

    200

    HTTP Request

    GET https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250107&jk=3776034525245807&bg=!LyylLGPNAAYEOS4OJDk7ADQBe5WfODr-xLaXcffcgGFB5vcMXdMMGsgswsD2vRhVWxDbnKAuGfkFF8E4OBFGosxWJZwgAgAAAaNSAAAAG2gBB34AOkn0VhnygV-6YWy0kvomgshFgRpf1G11GALutx4E3zxhq4V_FNdw0IInL01eLFkejwPko8liNzhW35KZAg_bEkNBv9qgZCHC8KhozLrRevBZbu0VPY659WgUWvjqpCns6ezOZHiIaRS8OLDpHTGYwOakbbFWFWKqobYC5OIbwQvFnxQOOgNuB4m-JP2P8wZPDFzjfc458kwS8CFP2jgVLjHNXKvy2d7aI3VCtbvurC2x7dgbPryhsGK2QjncBpLUhXHl3c-SxWbeZdtDyjdkKJfPW4otHzbKArDqROBo3CHlc4SeSuLypChIjTVx_Zn4PHfhs01rvxlJ3aKSHIZugwg0shbhbAtRdKWFdK-KjzrfDdtL3hUYZ57vg_zCPyhQOEWYyp3rJKSPVnMAAlbqu901CS043XDCuo96xJVX5ASBjNJa0EKRW4Jel7ZHLeWoFvaEEAJf2Tar25HDZkBGnfnnDAiU21a9gn6Da6jTtScKFpeQP-ACmwwav3-LzUhnhCMJrISzxCzsZKdODpyBo3dfmJTvfdWl_SYB_NpJNG8kTQC-ZLyYJvQMK0e9_h_AbCC9CONRaL8W7nkBIwJbi3kwhHxmoC-cBT4UxJbeszN3fx69gJUMMDxpfecXHYcytThPcghOqOq5OEcCm2LxzvkQuy9jVmIPMdb8BGLszgUb-lyXP-0nO_cLJtd4C75vCWAtsqCMh4fbK7tRtuKE49ipdxs7mUd-aifu_FAS4hSqT8RM4cD_S9tM8RMKbh_-aAiehwrqI6pXQ9Ygug

    HTTP Response

    204
  • 172.217.16.226:443
    ep1.adtrafficquality.google
    tls
    IEXPLORE.EXE
    718 B
    4.6kB
    9
    9
  • 216.58.201.97:443
    ep2.adtrafficquality.google
    tls
    IEXPLORE.EXE
    718 B
    4.6kB
    9
    9
  • 216.58.201.97:443
    https://ep2.adtrafficquality.google/generate_204?fsQ4qw
    tls, http
    IEXPLORE.EXE
    2.2kB
    18.6kB
    18
    21

    HTTP Request

    GET https://ep2.adtrafficquality.google/sodar/sodar2.js

    HTTP Response

    200

    HTTP Request

    GET https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

    HTTP Response

    200

    HTTP Request

    GET https://ep2.adtrafficquality.google/generate_204?fsQ4qw

    HTTP Response

    204
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    753 B
    7.9kB
    9
    13
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    747 B
    7.8kB
    9
    12
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls
    iexplore.exe
    779 B
    7.8kB
    9
    12
  • 8.8.8.8:53
    layanan.oposisi.net
    dns
    IEXPLORE.EXE
    65 B
    127 B
    1
    1

    DNS Request

    layanan.oposisi.net

  • 8.8.8.8:53
    yourjavascript.com
    dns
    IEXPLORE.EXE
    64 B
    96 B
    1
    1

    DNS Request

    yourjavascript.com

    DNS Response

    76.223.54.146
    13.248.169.48

  • 8.8.8.8:53
    www.blogger.com
    dns
    IEXPLORE.EXE
    61 B
    108 B
    1
    1

    DNS Request

    www.blogger.com

    DNS Response

    142.250.179.233

  • 8.8.8.8:53
    ajax.googleapis.com
    dns
    IEXPLORE.EXE
    65 B
    81 B
    1
    1

    DNS Request

    ajax.googleapis.com

    DNS Response

    172.217.16.234

  • 8.8.8.8:53
    dinhquanghuy.110mb.com
    dns
    IEXPLORE.EXE
    68 B
    142 B
    1
    1

    DNS Request

    dinhquanghuy.110mb.com

  • 8.8.8.8:53
    2.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    2.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    apis.google.com
    dns
    IEXPLORE.EXE
    61 B
    98 B
    1
    1

    DNS Request

    apis.google.com

    DNS Response

    142.250.178.14

  • 8.8.8.8:53
    adsensecamp.com
    dns
    IEXPLORE.EXE
    61 B
    77 B
    1
    1

    DNS Request

    adsensecamp.com

    DNS Response

    103.30.145.12

  • 8.8.8.8:53
    feeds.feedburner.com
    dns
    IEXPLORE.EXE
    66 B
    110 B
    1
    1

    DNS Request

    feeds.feedburner.com

    DNS Response

    216.58.212.206

  • 8.8.8.8:53
    www.linkwithin.com
    dns
    IEXPLORE.EXE
    64 B
    94 B
    1
    1

    DNS Request

    www.linkwithin.com

    DNS Response

    118.139.179.30

  • 8.8.8.8:53
    lh5.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh5.googleusercontent.com

    DNS Response

    142.250.200.33

  • 8.8.8.8:53
    4.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    4.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    lh3.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh3.googleusercontent.com

    DNS Response

    142.250.200.33

  • 8.8.8.8:53
    3.bp.blogspot.com
    dns
    IEXPLORE.EXE
    63 B
    124 B
    1
    1

    DNS Request

    3.bp.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    www.google.com
    dns
    IEXPLORE.EXE
    60 B
    76 B
    1
    1

    DNS Request

    www.google.com

    DNS Response

    142.250.187.196

  • 8.8.8.8:53
    c.gigcount.com
    dns
    IEXPLORE.EXE
    60 B
    121 B
    1
    1

    DNS Request

    c.gigcount.com

  • 8.8.8.8:53
    www.reverbnation.com
    dns
    IEXPLORE.EXE
    66 B
    98 B
    1
    1

    DNS Request

    www.reverbnation.com

    DNS Response

    3.222.25.176
    44.199.167.23

  • 8.8.8.8:53
    andreykusanagi.googlecode.com
    dns
    IEXPLORE.EXE
    75 B
    136 B
    1
    1

    DNS Request

    andreykusanagi.googlecode.com

    DNS Response

    64.233.184.82

  • 8.8.8.8:53
    ib.adnxs.com
    dns
    IEXPLORE.EXE
    58 B
    319 B
    1
    1

    DNS Request

    ib.adnxs.com

    DNS Response

    185.89.210.212
    185.89.211.116
    185.89.210.82
    185.89.210.180
    185.89.211.84
    185.89.210.153
    185.89.210.20
    185.89.210.141
    185.89.210.122
    185.89.210.46
    185.89.210.90
    185.89.210.244

  • 8.8.8.8:53
    icons.iconarchive.com
    dns
    IEXPLORE.EXE
    67 B
    99 B
    1
    1

    DNS Request

    icons.iconarchive.com

    DNS Response

    104.21.235.214
    104.21.235.213

  • 8.8.8.8:53
    feedjit.com
    dns
    IEXPLORE.EXE
    57 B
    139 B
    1
    1

    DNS Request

    feedjit.com

  • 8.8.8.8:53
    www.alertpay.com
    dns
    IEXPLORE.EXE
    62 B
    78 B
    1
    1

    DNS Request

    www.alertpay.com

    DNS Response

    52.223.39.56

  • 8.8.8.8:53
    mybloggertricks.googlecode.com
    dns
    IEXPLORE.EXE
    76 B
    137 B
    1
    1

    DNS Request

    mybloggertricks.googlecode.com

    DNS Response

    64.233.184.82

  • 8.8.8.8:53
    banner.adsensecamp.com
    dns
    IEXPLORE.EXE
    68 B
    98 B
    1
    1

    DNS Request

    banner.adsensecamp.com

    DNS Response

    103.30.145.12

  • 8.8.8.8:53
    imemovaz.googlecode.com
    dns
    IEXPLORE.EXE
    69 B
    130 B
    1
    1

    DNS Request

    imemovaz.googlecode.com

    DNS Response

    64.233.184.82

  • 8.8.8.8:53
    www.lintas.me
    dns
    IEXPLORE.EXE
    59 B
    91 B
    1
    1

    DNS Request

    www.lintas.me

    DNS Response

    104.21.59.55
    172.67.215.31

  • 8.8.8.8:53
    s2.sigmirror.com
    dns
    IEXPLORE.EXE
    62 B
    138 B
    1
    1

    DNS Request

    s2.sigmirror.com

  • 8.8.8.8:53
    js-kit.com
    dns
    IEXPLORE.EXE
    56 B
    120 B
    1
    1

    DNS Request

    js-kit.com

    DNS Response

    52.222.169.79
    52.222.169.3
    52.222.169.52
    52.222.169.66

  • 8.8.8.8:53
    vicahya.googlecode.com
    dns
    IEXPLORE.EXE
    68 B
    129 B
    1
    1

    DNS Request

    vicahya.googlecode.com

    DNS Response

    64.233.184.82

  • 8.8.8.8:53
    t.ly
    dns
    IEXPLORE.EXE
    50 B
    82 B
    1
    1

    DNS Request

    t.ly

    DNS Response

    104.20.7.133
    104.20.6.133

  • 8.8.8.8:53
    crt.rootg2.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    136 B
    1
    1

    DNS Request

    crt.rootg2.amazontrust.com

    DNS Response

    3.164.163.90
    3.164.163.127
    3.164.163.87
    3.164.163.59

  • 8.8.8.8:53
    crt.rootg2.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    136 B
    1
    1

    DNS Request

    crt.rootg2.amazontrust.com

    DNS Response

    3.164.163.59
    3.164.163.127
    3.164.163.90
    3.164.163.87

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    c.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    o.pki.goog
    dns
    IEXPLORE.EXE
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    142.250.178.3

  • 8.8.8.8:53
    r10.o.lencr.org
    dns
    IEXPLORE.EXE
    61 B
    160 B
    1
    1

    DNS Request

    r10.o.lencr.org

    DNS Response

    2.18.190.203
    2.18.190.211

  • 8.8.8.8:53
    r10.o.lencr.org
    dns
    IEXPLORE.EXE
    61 B
    160 B
    1
    1

    DNS Request

    r10.o.lencr.org

    DNS Response

    2.18.190.211
    2.18.190.203

  • 8.8.8.8:53
    s10.histats.com
    dns
    IEXPLORE.EXE
    61 B
    141 B
    1
    1

    DNS Request

    s10.histats.com

    DNS Response

    104.20.2.69
    104.20.3.69

  • 8.8.8.8:53
    chatroll.com
    dns
    IEXPLORE.EXE
    58 B
    74 B
    1
    1

    DNS Request

    chatroll.com

    DNS Response

    169.47.242.252

  • 8.8.8.8:53
    developers.google.com
    dns
    IEXPLORE.EXE
    67 B
    83 B
    1
    1

    DNS Request

    developers.google.com

    DNS Response

    142.250.200.14

  • 8.8.8.8:53
    s4.histats.com
    dns
    IEXPLORE.EXE
    60 B
    268 B
    1
    1

    DNS Request

    s4.histats.com

    DNS Response

    54.39.128.162
    54.39.156.32
    149.56.240.27
    149.56.240.132
    149.56.240.131
    149.56.240.31
    149.56.240.130
    149.56.240.128
    54.39.128.117
    142.4.219.198
    149.56.240.127
    149.56.240.129
    158.69.254.144

  • 8.8.8.8:53
    lh3.ggpht.com
    dns
    IEXPLORE.EXE
    59 B
    120 B
    1
    1

    DNS Request

    lh3.ggpht.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    ocsp.r2m03.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m03.amazontrust.com

    DNS Response

    13.249.8.192

  • 8.8.8.8:53
    ocsp.r2m02.amazontrust.com
    dns
    IEXPLORE.EXE
    72 B
    88 B
    1
    1

    DNS Request

    ocsp.r2m02.amazontrust.com

    DNS Response

    13.249.8.192

  • 8.8.8.8:53
    r11.o.lencr.org
    dns
    IEXPLORE.EXE
    61 B
    160 B
    1
    1

    DNS Request

    r11.o.lencr.org

    DNS Response

    2.18.190.203
    2.18.190.211

  • 8.8.8.8:53
    r11.o.lencr.org
    dns
    IEXPLORE.EXE
    61 B
    160 B
    1
    1

    DNS Request

    r11.o.lencr.org

    DNS Response

    2.18.190.211
    2.18.190.203

  • 8.8.8.8:53
    dw3mgzt87vzb4.cloudfront.net
    dns
    IEXPLORE.EXE
    74 B
    138 B
    1
    1

    DNS Request

    dw3mgzt87vzb4.cloudfront.net

    DNS Response

    3.165.112.107
    3.165.112.155
    3.165.112.6
    3.165.112.159

  • 8.8.8.8:53
    www.scri8e.com
    dns
    IEXPLORE.EXE
    60 B
    76 B
    1
    1

    DNS Request

    www.scri8e.com

    DNS Response

    208.87.227.250

  • 8.8.8.8:53
    connect.facebook.net
    dns
    IEXPLORE.EXE
    66 B
    114 B
    1
    1

    DNS Request

    connect.facebook.net

    DNS Response

    163.70.128.23

  • 8.8.8.8:53
    d167qii8h0pw75.cloudfront.net
    dns
    IEXPLORE.EXE
    75 B
    139 B
    1
    1

    DNS Request

    d167qii8h0pw75.cloudfront.net

    DNS Response

    52.222.196.33
    52.222.196.155
    52.222.196.99
    52.222.196.209

  • 8.8.8.8:53
    d33tru5sm6wy0x.cloudfront.net
    dns
    IEXPLORE.EXE
    75 B
    139 B
    1
    1

    DNS Request

    d33tru5sm6wy0x.cloudfront.net

    DNS Response

    18.155.128.195
    18.155.128.189
    18.155.128.187
    18.155.128.12

  • 8.8.8.8:53
    lh4.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh4.googleusercontent.com

    DNS Response

    142.250.200.33

  • 8.8.8.8:53
    lh6.googleusercontent.com
    dns
    IEXPLORE.EXE
    71 B
    116 B
    1
    1

    DNS Request

    lh6.googleusercontent.com

    DNS Response

    142.250.200.33

  • 8.8.8.8:53
    www.facebook.com
    dns
    IEXPLORE.EXE
    62 B
    107 B
    1
    1

    DNS Request

    www.facebook.com

    DNS Response

    163.70.151.35

  • 8.8.8.8:53
    www.microsoft.com
    dns
    IEXPLORE.EXE
    63 B
    230 B
    1
    1

    DNS Request

    www.microsoft.com

    DNS Response

    92.123.241.137

  • 8.8.8.8:53
    crl.microsoft.com
    dns
    63 B
    162 B
    1
    1

    DNS Request

    crl.microsoft.com

    DNS Response

    2.19.117.22
    2.19.117.18

  • 8.8.8.8:53
    damncok.blogspot.com
    dns
    IEXPLORE.EXE
    66 B
    125 B
    1
    1

    DNS Request

    damncok.blogspot.com

    DNS Response

    172.217.16.225

  • 8.8.8.8:53
    blogger.googleusercontent.com
    dns
    IEXPLORE.EXE
    75 B
    120 B
    1
    1

    DNS Request

    blogger.googleusercontent.com

    DNS Response

    142.250.200.33

  • 8.8.8.8:53
    coepoe.googlecode.com
    dns
    IEXPLORE.EXE
    67 B
    128 B
    1
    1

    DNS Request

    coepoe.googlecode.com

    DNS Response

    64.233.184.82

  • 8.8.8.8:53
    nwidget.networkedblogs.com
    dns
    IEXPLORE.EXE
    72 B
    145 B
    1
    1

    DNS Request

    nwidget.networkedblogs.com

  • 8.8.8.8:53
    s7.addthis.com
    dns
    IEXPLORE.EXE
    60 B
    135 B
    1
    1

    DNS Request

    s7.addthis.com

  • 8.8.8.8:53
    fbcdn-sphotos-d-a.akamaihd.net
    dns
    IEXPLORE.EXE
    76 B
    194 B
    1
    1

    DNS Request

    fbcdn-sphotos-d-a.akamaihd.net

  • 8.8.8.8:53
    platform.twitter.com
    dns
    IEXPLORE.EXE
    66 B
    127 B
    1
    1

    DNS Request

    platform.twitter.com

    DNS Response

    151.101.188.157

  • 8.8.8.8:53
    www.youtube.com
    dns
    IEXPLORE.EXE
    61 B
    303 B
    1
    1

    DNS Request

    www.youtube.com

    DNS Response

    142.250.187.206
    216.58.213.14
    172.217.169.78
    142.250.200.46
    216.58.201.110
    172.217.16.238
    142.250.187.238
    142.250.200.14
    142.250.178.14
    172.217.169.46
    142.250.179.238
    142.250.180.14
    216.58.204.78

  • 8.8.8.8:53
    img.youtube.com
    dns
    IEXPLORE.EXE
    61 B
    314 B
    1
    1

    DNS Request

    img.youtube.com

    DNS Response

    142.250.200.14
    216.58.212.238
    216.58.213.14
    142.250.180.14
    216.58.204.78
    142.250.200.46
    142.250.187.238
    142.250.179.238
    142.250.178.14
    142.250.187.206
    172.217.169.46
    216.58.212.206
    172.217.16.238
    216.58.201.110

  • 8.8.8.8:53
    googleads.g.doubleclick.net
    dns
    IEXPLORE.EXE
    73 B
    89 B
    1
    1

    DNS Request

    googleads.g.doubleclick.net

    DNS Response

    216.58.201.98

  • 8.8.8.8:53
    static.doubleclick.net
    dns
    IEXPLORE.EXE
    68 B
    84 B
    1
    1

    DNS Request

    static.doubleclick.net

    DNS Response

    142.250.187.230

  • 8.8.8.8:53
    jnn-pa.googleapis.com
    dns
    IEXPLORE.EXE
    67 B
    323 B
    1
    1

    DNS Request

    jnn-pa.googleapis.com

    DNS Response

    172.217.169.74
    142.250.200.10
    172.217.169.10
    142.250.180.10
    142.250.178.10
    216.58.213.10
    142.250.179.234
    172.217.169.42
    216.58.212.202
    172.217.16.234
    142.250.187.234
    142.250.187.202
    216.58.212.234
    142.250.200.42
    216.58.204.74
    216.58.201.106

  • 8.8.8.8:53
    ep1.adtrafficquality.google
    dns
    IEXPLORE.EXE
    73 B
    89 B
    1
    1

    DNS Request

    ep1.adtrafficquality.google

    DNS Response

    172.217.16.226

  • 8.8.8.8:53
    ep2.adtrafficquality.google
    dns
    IEXPLORE.EXE
    73 B
    89 B
    1
    1

    DNS Request

    ep2.adtrafficquality.google

    DNS Response

    216.58.201.97

  • 8.8.8.8:53
    fe0.google.com
    dns
    IEXPLORE.EXE
    60 B
    110 B
    1
    1

    DNS Request

    fe0.google.com

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    854B

    MD5

    e935bc5762068caf3e24a2683b1b8a88

    SHA1

    82b70eb774c0756837fe8d7acbfeec05ecbf5463

    SHA256

    a8accfcfeb51bd73df23b91f4d89ff1a9eb7438ef5b12e8afda1a6ff1769e89d

    SHA512

    bed4f6f5357b37662623f1f8afed1a3ebf3810630b2206a0292052a2e754af9dcfe34ee15c289e3d797a8f33330e47c14cbefbc702f74028557ace29bf855f9e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

    Filesize

    1KB

    MD5

    55540a230bdab55187a841cfe1aa1545

    SHA1

    363e4734f757bdeb89868efe94907774a327695e

    SHA256

    d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

    SHA512

    c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    1KB

    MD5

    026cef24f5a08dfb690dc814849ac227

    SHA1

    b34248691970b4303829fc82b20a7d2d81a12e0e

    SHA256

    fd94f49fe23cfa9376a0a18be17b78c4c7841a95a35e82425632d7748bacb4bf

    SHA512

    90c84d6c870aaad4ba7ae2b21de7a6fa0409e00da8e3d6683ed0d98cc9f367aa36e94610a768fa16237615722554e83944ce7a9f53a8f62ae70239e0adb4f666

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DABA17F5E36CBE65640DD2FE24F104E7

    Filesize

    1KB

    MD5

    c6150925cfea5941ddc7ff2a0a506692

    SHA1

    9e99a48a9960b14926bb7f3b02e22da2b0ab7280

    SHA256

    28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996

    SHA512

    b3bd41385d72148e03f453e76a45fcd2111a22eff3c7f1e78e41f6744735444e058144ed68af88654ee62b0f117949f35739daad6ad765b8cde1cff92ed2d00c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199

    Filesize

    170B

    MD5

    4aba30f4a0f2b8a9b561b7db6d9b146b

    SHA1

    8c09c2e9611ca74c7f314b39b56264779402ed3c

    SHA256

    3e175905a3883ee02161cf571ded297f5f80b4a431bd9f7a59d19634802fc1ec

    SHA512

    2639561b171d56a09614cf35c3553e3af92d548e53c40229d45f64eca16939276c2988aa0162545de3924de0f93bfe2b3985abc722c804769a3201bcabd5e000

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

    Filesize

    230B

    MD5

    30141c327f35491538898050c1f103ba

    SHA1

    3cd4b31b1f23477ae8fde777732d6dfcd76f707a

    SHA256

    d703ba485b1673cd0514a1851b50acc4d819f24cc310060278e5349f89f33de9

    SHA512

    1232f313eae329d7deef9fedc0ecc74c38daf346e7bbd0105243ce3dfc5d69dd89e92cff616cb4fa3c9a3f8dfe5f8811e9e8481690de07dfa9f4cba17a52555d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    be0750593d5d0ef973a10b4e3ba673ba

    SHA1

    b8db3838bc7dc290dbcfaa9b66c0dab5a7c68c4b

    SHA256

    59186bbafadacbbd2629cced6c46506e07a473f00479f3e6b79420f54016630b

    SHA512

    46d6a3609a71e7a356794759381877a8d70e155cece3ea1e28ef9d64f7870a4a332f06a039ea4dcfa56bc96e05e56473e1fd01af7e2d6826181de6cd654be241

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

    Filesize

    410B

    MD5

    d15b53d30bf01ba12059267cb25e0a98

    SHA1

    b7fcf189c78ba19b337151804c7bedf5135d5874

    SHA256

    92fed11f4d3187ea8eb03f3ffc2991fcfa9d1cda3d07d37d74cfca0ab592ab5b

    SHA512

    75a8958d9b7ccaf0ce8cabfa6888f1e3c01fb4acaceafa06f585dde93af2c77c351842505ce0f615fd237c333261a367bb38a6fc9b1412a9678a8b117ea3014e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

    Filesize

    252B

    MD5

    549eabd2c5ad43e9108b160fad8ab1ba

    SHA1

    e5444ae1f86a428c9bd936716868600b81be7b9f

    SHA256

    169f5eeac00a08c07e0831388d06e9c91639c9c0e7520acfcb58d14b3d0faaa8

    SHA512

    460b1d0fb6e097dddf6db9bd9db8f1e08da1aa511a158b1962679432863b73d724080927feca4fc1e18d5ab25b19ea81c10cf7e926eda31989e5a682be1eb402

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11f9b0309e456e312044e45e629c9d56

    SHA1

    9acbacf1a11b9e6b25279cec0c2b8987e6bf64ef

    SHA256

    5a67facc29713b757dd61f048924d9eb55d49acfcde04fa61012842a7b4132a0

    SHA512

    e61f05e95c03b7606fc1e802841c44aaa0fb0a7a7a7ccb1e456da569224086b85d3fae4dac4e4cc807d07b25cc078df7230e95a9ea4ec71838af28becdde654e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    11296f85f87a20f29183183296c73559

    SHA1

    4f148911d0f3ac0fc0632df7136aa68967e0bf49

    SHA256

    be46840063d36f8564fb261580315345ca53683e197fa5d172a76061380fd66f

    SHA512

    db001622c12ab8cb5a1269c19aca2ad53c2474ed7272694a39cc99c0b0f494f8e5a05a8ee4901973f629cab32b01345db178ad010160771ba6efd286bda0f829

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2bafc8a422ce1d24ace601177c590190

    SHA1

    a163cc6472598868ffcade60139e9803c4d27478

    SHA256

    b7b871667c91620e86505d698ac15b1053910260284c492dee44d96c2ee2646b

    SHA512

    53dd1e4f29863f3690d227139fafd5047d6defd8129262ad498ffc9c7261dffb05d784238f965632305949acf6304eb5f3bd80c418072b3546230128c555f76f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b865daa8fe34d9388d892e8cfa2f6359

    SHA1

    3b434d8e6fc21cc13a2be0c2232bbc771e0b7510

    SHA256

    64c7ef23ab9f8a778ffb54e09ab88369c6be9b06a3c728c3aa11bf8dcda2f9df

    SHA512

    d1e3795e894b8dc2f948955f93338ee733a03df2ddcf4f9b212c7fd17a9467243d1abf9c0f9268c5cee8b0d66adbcc7f8e35f791546d34dd34ed6249cd24866e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    236790e3000d3948f8679b9e72e1d415

    SHA1

    bcd18fc532349c444f45ce519c74a7aedefee64a

    SHA256

    37d8ab5e7d671417c155f752c64ce1ccdebe5aab91a8d26ee0b3d838fccfc755

    SHA512

    f11d059577423886985c54523fe4664e978744048a02c101a5ef6ffbd50d578946608e27b99e31e5dc14f5f60cdee2367c7cf5d2a4ceacf15ddb40b0c3f8201b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ba57e757ddde7902e2c1a39eef4da877

    SHA1

    7b94832538b74e62e13825b643243bf4a2f46559

    SHA256

    d4ed6f6e4630c3e398e9c2fde58bb1a1f2b64aa56ea4187213ee945ea6f9a5c1

    SHA512

    a796f3b604b0496f8ca4f5bae15b31b5ddfb891d5b2810486eba0a02f4688e7f945544f7545ea3a76625ffc56bfb9f828a1fa617f196d9a54d190c41632bec43

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    5ee2a78f4ed105bf7b249c8e3797323c

    SHA1

    b9073c0a6de73686cd26b6a5f10c127d7386977e

    SHA256

    240edd3d5e1114d380ea0fea7fb44106fa6d995ec1379b2d5793eb71c2d23652

    SHA512

    95a3f107779a58c46cc12b3b545c0c99144c8b744fe90b34f44ed9995a9d54f8b23ab745657c8dea0740b6824dd9c6baba3a8053e028efc2536587e194408d4e

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    31ad6dc320ba0253f4ccad92c73d81df

    SHA1

    3a42f997e36d2f9b9e98b333e25fd0b56a77c4a4

    SHA256

    e541437f1f108fb2428428a22c8d4b464e35f8a4378d22d26b2c4f034542fb32

    SHA512

    317efe5ad266772aac5cf887fcaae6c9312c1a63a1bac0946a0dd21fbf631e45222e90eb8fdd7949310c686de4469d4b69c5a35fa2aea4dcaf18dbc3d628b261

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    d81499ef3e7364f4e482675698fb97e8

    SHA1

    c91285e2c00cbc2d1959879aea1957ca9ed89b47

    SHA256

    5c6a1e8f891caed2a3049855802a83dfbcb84061ca774304605496b4daed3f86

    SHA512

    d39bf4835800f1db34b231bc17a4e697f33b8f21d2b20a053282f6e94f6c879b3d5aaaf022ceff843150240595ca09dbb6e5fe5510839e7d16e6f71e112f9462

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    32ce82e082a3bc34a4db52c5d7723629

    SHA1

    ecafe9f139e2b2e9f4ed80016932f588957165d3

    SHA256

    842b26434024426729458a83240634e08d31365397e0257c8639ac934b1bda6c

    SHA512

    a11f00b76def3ee03e9b61652bb229ab4fa4aa21a37c3edf12e47d9f08c7b295e8f38c8c88ae9bde9bb9f71d35cc58a8b2bf726101edd10e0105eef5756b3fda

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    3c3827edf0770755f1fb4173b4b3db72

    SHA1

    8d5ab73fc355563b30c8d43e5aa44d4b6dff330f

    SHA256

    aebc6be045cfd05556d19aeabf5963666abd714a9ca82655c99d602047b6526c

    SHA512

    32f828715f857a1b68db6ce08c326366b3d01d25f68236032fed7a4b7013171e52044c3fd8986d7d4269a2d52fd40334fa36853b3c58dd36dfc0a0371275f23f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c62f4fa528b3dbb681230ad754270fb

    SHA1

    265f966e3e025a778a7443d173748daa3ae68995

    SHA256

    ac506f7772ceae57bd5adf9e09af8e39dfbc6d2c65451af388c837d77ec977c9

    SHA512

    70578295ba60defb88c06d0db1724d4f85189f530987ac58054a78dd7d203a4e0fa3a8ac5ad671d265f492b36eaa1f1e4a95f61c0c740b4b4e8d7d13420d2d94

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    381f0c9931c5beaf8b899536990cbf60

    SHA1

    bd4684e58b81da603558ce098946e4f741eba2a6

    SHA256

    9d2da097a7347ff8bc0784e7cbcd1b37b454998c5733fd2b959714a4e60fad1a

    SHA512

    2f2805bd720fc49279d898d895cd36f37e90860cf7d5a0b7e12c5da020d46b86a237831a809891efc8d13141ec0948266f7bdda501c62e4bd9216c130d5018e3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    cfd12018eab8e561d76c5a5bfc284031

    SHA1

    5b11991cc8509e8dcde06e0b958ad63f352573ac

    SHA256

    58b15af828bbc89ac505d09aeae12494a70d5a4f06c961985dc55213125aeb19

    SHA512

    967f408387e16f1df92eb2c22f7818250b21f0ed5ec163fc349a7cbffa23187a9231509bad88157a9f5e10b9671b3e2480a8f76c5bb1331ae3167896b44f84c4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    4cc773489e0a448903f64da5218f1a90

    SHA1

    10ff009a3594f67d68d70a47a19e9e8adc844337

    SHA256

    6bdfbe97e120c86213f4d513838d569e846bc1a1fffc83975a33b11807245c68

    SHA512

    20661b30481c72dd66630bf3064dc97c7bf6f0ad9f4d9689b72f306f97b317c47e44872ffa1931179648a919bcd6c5258f5e82428c72b9c154122714ea610c2b

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bf5a08d14bde09c34bbb48e11d3fb15b

    SHA1

    39c57aac68308c8d14ad768fa7dd228e33460029

    SHA256

    321a9c835e3a1a0409b42218b8b592b430222107aa9d48ec6028971d78724285

    SHA512

    8e3dc7ee5102fba26cb95e9e45c4e28b256332f10bd3bac7cfc0945243113d15bebda3bc8df7c8c283b553c7a4018ede720ae96b2b60d2aaf45bca5b24477088

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e03c528f86ac73c16eea124aa44ca358

    SHA1

    dc24249f4aeaa0358eafdd95f08f4a39303047d1

    SHA256

    d814979e6a28d8df76fcf296fa2e776efdfde9d4a52992ae6b872e6837094f30

    SHA512

    ac681d6ab9b4d9736bff2962e40bb3a4385982aa4dca5a4e080dfbd2119222f6903dd41e35f9be45f01fc4ddae41d5bd5b7790ce34d89f2c7c19939b5119a9ca

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    efd828bec229241b2de8aa5279221c11

    SHA1

    62115d0650493abb31185701c18ea12528e1fcd6

    SHA256

    46342ad024c58d5f347d4cd3388f177d6c714edce94768ceb4d60665b1a36e1e

    SHA512

    334ba7f7238485b5a3275b7ce486733aa6785d86380f8100f16a1ccd6ce0c5795da352449683ff5caf2dc29f99581c7219d27efec13d40ccfe1beb8ccb27c1ed

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8772b311807f0d8967b7c22e0de4e1a7

    SHA1

    8d60e2ced3a0e8df7ff0f25325b48c5c7fec0db2

    SHA256

    1068dc7ab693366158d432533ec0742211c99c30f3596098eccb5a625723464b

    SHA512

    cf75bfb6b1b13da3783aa1d217ea8095b76c0855ccdc7aa5fee22839f74d9a7e6ba01e8090f7e2827cf4b5afd9c52124927cd59944a1667074114600243bc1ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    b17cb9c0f683b151ba0389c3c6a4e087

    SHA1

    8c69fe1e17a422f1610ba9e0e5d03554cd5b0c04

    SHA256

    dc1a466da02b46b196e24a0a13c61b4f0327086d04fe4ed307743ababc28026f

    SHA512

    03ab9ecc8780432ba3748174ff26aff919e1f640d601ab0abaf6040be9b71b5af123dd141824f74be1607a915e1fbb2c0c5739ba7d507f96d41bdc8cc573143a

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    0274e1efa7774a9c8b9ffdfd5d4f8274

    SHA1

    caba8beaf6892ec8b86b551d01c0bb72d022204c

    SHA256

    1c04a78772e87c5a67349aae20e9131e37a85f9175cc0a486d1149c93e8e5d25

    SHA512

    f60dd5f66444e22ca34ea1da5ed9c1abe3a983720f6d34a81152ad5e1edc44b4f6616f8561f888f4de2e749babe4d33340b1463cf79a17d814a03fdf9e43d9f3

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2b40508d031479b7162afa494f0aca07

    SHA1

    e928030f889341180e78afad37578a3dbcccb223

    SHA256

    135b57a19f2fb1d7eb3b76126219f5f0197e5d7a5384d9b2cf1f9025fa946405

    SHA512

    313af4e33600206f6445182721fa89a359391eaeb4c99331c2e51628770bbf5a5cbb3d5e7e2f7de31030e7a763e7d06dcd62dc2dd40f6058e71f7fb282c319c0

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1dfd1385bdd5b133626466f9ca42c7e1

    SHA1

    d6ca517cb39cfe0f7bfce80f0cc5cd70165d803b

    SHA256

    3eebdee70308480c6fe3853054796791118752bae624bda572d2d4ba173cac81

    SHA512

    a95374d178028f174e12509ae48c46b8912e1d08c6a2e306b1cd1bddf76bcdc18dbd56b2fa1a3045f1ef42778baa793ce9346bb37e9f4910e20bc4716b542d2f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    95618bcddd860109610f6bb8562cd7c1

    SHA1

    aac4db84c129ff80815aac72ffe4c2be461ca7fb

    SHA256

    aebcc7c32d4cc18298a805fdf10379bd3e4ae9ca507b2e8e9b7188039fd74f1f

    SHA512

    3a790d61669f736e244c1c4b245e58d2db8e37f04a101d8913565cef5dd1f870d2af391e88df23e9ea72b7058970a66347fc03adaff8a0bc8d973e2ff70390de

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    fc99f89cea31c252c7f620ae91db4d7e

    SHA1

    78a5ea10833f838376e349c1507de85742bd6bc0

    SHA256

    6c18cd5876fb8ea057d5900871477ff41194d1965503d6c0717734c740b98cb7

    SHA512

    0328ea91a70487eac6147dc8e2c6b1026babfc8759f5b387f150fa4361ac7b436a3e21311c0d6073ab3c31b3b4f97c823ecbae870246a631446a7f378311f3d4

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    f6490382c853e2f7601899fc36fcc58a

    SHA1

    4711662454bf7d1ca14d15bb65052e1de210838b

    SHA256

    46630056d1f292227acf98e4c94c678a0a31c8d6571371c7674c98c54609b887

    SHA512

    202bc2ee9cb9264f7d583bd3c5eed8c6106948139a87ae85e0b71e78f71f07408e27fc6853e70767c6e55cabf6567b74f876b1a267238e153fdba765d6096f26

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9bea30097f5d97ca0ea022b25462a75b

    SHA1

    179dae9dac4703bbbaf3c55f0100c74e00963fcc

    SHA256

    8929a580bb0425159b0659cfdb1c7bea67a2cb7c2977654188521ad6417ef99b

    SHA512

    4f49a429b40c7c2935b9f393bd6f896499bf94c67a46db6e91734cd7ffa2f18d97395c92d212b9be6c722253ff9b44797d1aefbb26a8ab74a61d17cd42ef2e1f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e8c7befca9ac6b6c4c465eb0ab043a55

    SHA1

    0d555079f53542d2105c25cbea2d36182e8fa2f9

    SHA256

    f5e43d828c52c4be66060eb4f5d14ddd3a7e0b778966eaf2786958bf94d08ff7

    SHA512

    6fab0b099a127003a492ae17a348bbbca3a8fc05ebdb24830fcfe5db0f79068fd7a700e8bbfdddb4e32a0ab6a5e2c1d5b1f1de9806a3b5b5f095061c07e4d8cb

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    1ee818e1bc4a70bb7c68373fb6b8ad2f

    SHA1

    748fbadab434b3730046b2360e350b146af6d55e

    SHA256

    75ebe806a09b87647da70c4569311bb45570184539758d96d839e03e7187a3a8

    SHA512

    940bf5dc0b5d2a42ef1e79a4ae074cf573eaabd2f2ae12d2971d3f56a2f7ddaa1526a7a41000b74d074ef7b8b72dcde14fb0ea61e9ddf84164671dfe3a839cd2

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8525a9dea3cc538755accc4a2d2423a4

    SHA1

    746cbab47d35196c51c5b7686bb0f4548a31dacb

    SHA256

    38dd3280ed2d722f80f6b5249d32f311f32ed1d5b214e4d3718d8718e0660c8a

    SHA512

    2db3af991e50f6599abb9c3274f766eaf9646e40c7c4c4e971402239637d2a44688c6df50ebccbf6c58ccd4280c740c74f1d953de83d270659756bbff1dffda1

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e5baadc361c8452e7be551c3f863e1fc

    SHA1

    952e84ed464c888de936fcc8e3210fd57b0e352c

    SHA256

    d32d9514490cfab5482ad5c22b6c1d51e6680725b68866256268183f63a095ff

    SHA512

    b2dbbd814ed3dc89afb6cc1dd4e64b3eb6ede010effcba452fd630a07586048adfff3d3f7171ce44ce18ca16163b900e6b3a9d83b54dda56d5d57ca6347b49cf

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    18ac133839b75fe4223ae33784e17a59

    SHA1

    5e1fa5e238de6fce02c43145765f4ef61c47747a

    SHA256

    9a0c120e4d93ed83753dd4035d557974475ad3608baa6002dd32e9f78cecbab4

    SHA512

    62170bd617edd2011a624a3b0794ad3e4f00fc2de03b486ebf48faf0e77ebc3800b2acd4e525e157fbcf86d134cb45c25c269ea125dd6b9cdf265e88b3ff995c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    2c2e4844caa0a29216f44e2c5fe24d1e

    SHA1

    cb9aed33b35e5c88b512d1ad3925211c5d409028

    SHA256

    a1f3a9f2ede37fe0604bd4c3e8409de9036e282802bc5df85c75b108669a5356

    SHA512

    039b2e3d3e325890d5f82ca827500d1d91089bbe504950d699e1631599fe195076c36d0cd96a38b179d7974d6920b594afffc5407d82cd014c0189f0670e8968

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    7c23837fb50d35eb592c4e1a6ff8bef9

    SHA1

    a0b27cc275fe03fd0264e5476d60f64db77f1359

    SHA256

    d2ea0eca3f0ae0bc3b4df4d2f3026e2c90aee2270b43f96f2544f0467e6bf9d1

    SHA512

    a2839b30029ab70a0bef8397f00ef05e20aa5ead4d6a7a1a47c08de40be2cd2ff0db84ce0ac72c923d54f552419ad36b99943fda9d1d787d7e6fdecb21d5d576

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    dd261ebd63f478ace046942c12942335

    SHA1

    2a26dc9064ccb33fc606753ff62159e21987cd80

    SHA256

    2894b3e0f676cbcb8ac3e829498ba22cfc20a037e568183efc69fe70165b92d1

    SHA512

    159153d086a17b21fe071a659f3b0547225261f11ac50cc51e7e700d0aef8e6eafb87d87f6e17e75221ce19e87736c96df5b3be6dd070ae2624375d55df89736

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    8b37ca222506c75db80ac4c3c7e4e275

    SHA1

    56b00173358beb4ea4cb949329d2fad0d791a0f5

    SHA256

    b6ff1a600a87733aba9ee60c78c09010b90105390a432960d08040ec5d375da0

    SHA512

    02f31f3fc73e8899736434d700e37a24988c2b57d7dd74ee12d96fe9e45f4c31d9423969b23f9ce9d9ede6e68b7909f42b1f9d93486299b3e09db0b1e3c32a4c

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    98c5d11f8af4c23be96b45a07a876e2f

    SHA1

    62bb2779e4ea07d70396faeb7c011eedaed1474a

    SHA256

    bf26d15af16d1d41e7813e544b069b93a088159029aac47ab1ddd191330b0c91

    SHA512

    3a2697b343009eaac64eaad328fd508defa16bcafd602eb02e5eeaa3af4d546dba480fc361b3363b2667c811f5ca0e9b155fbf4a151fd4db1ca5e13ea05ea625

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ac3e4de6d6adff9ee1d8ceec973872ed

    SHA1

    2b25c374f4c57b1e5182ad376c2274baaea5960b

    SHA256

    884153c5334b82ca5a0cc1f6a95854e981aa5154ddfdd4b8e6e0539f72a6cee3

    SHA512

    d4d783de9a63d41eb2fcdc02c177c2084f915507ae5f14cd6ad765c9741a78c75661a51dda1a53295fdd551dba05448f0ab980e2fe8d91866f3805eb869890ac

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    bd8d67a32f25a55bc4915c35a4ad3b28

    SHA1

    15e4328f2f2cd33ce4a65c67576f1bc6717ee5cf

    SHA256

    213f1f77a9dbaa539449044cc5e497cdb9182f079427fa6b68fe347cb5256121

    SHA512

    f762a80163cea4475d5b21457917d9d0261e42cba9501ee51794d526aa343fbc355436ca95063097eafb678f9142d52cd8e7b8ed7984fc0dfee364ee6d979265

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    9032fc7bd93353c8a3182ebb20bd6c46

    SHA1

    f83d1ef29a133760fba279d3bb72e813124ece3d

    SHA256

    07c4c58de4cc7d378e267b79accec4c9329cf63fe7e11a524a907c40d39314b0

    SHA512

    a4b18dc0de1cee1c01d3cf6e2f66818d1d426ba72f5290c4f71df01e71b01fd441ccd7cb1659d152aa59123189ebc6b9088b12cf2269e96f437d95171edfb2ae

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a1b3d8567c98d49290dceec039061409

    SHA1

    399f363e88f035f9407e5402b62163498a0f1aa3

    SHA256

    f5d975d73a6cd792cf70c09c27bca9b836edba22196ea3ad8106e7ef771e9048

    SHA512

    ac39b5dfad084d72c38983674a54de66e327936b05ffcbee8d812dfc3de75b5b012a2373e76a1dcbe8194688a5e487300002d5f2495723193ad43bf41a2d3e8f

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    ad8c390a7d54ff36caa087cca34b9dba

    SHA1

    4c797c27df752066ba3cb3b3e2abe50540cf5385

    SHA256

    f3491746fa6de8f7b378b59ec5dbd8acd554aa6061caf4d4cf4d6328ca6b7edb

    SHA512

    05684ee47dcafc0ac9fb1b09c3bf0fe60a31a90113b3abecd0f7515a174fa20886ecf46851cdaa93453521b2cfb85489da6b6482abc9626335943c2ef75e7257

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\BAD725C80F9E10846F35D039A996E4A8_88B6AE015495C1ECC395D19C1DD02894

    Filesize

    432B

    MD5

    0e4aea3178ce0375d57e2a508098de47

    SHA1

    a5d3ba7eb56d2f4720f014c67ec73b9d3535419a

    SHA256

    3f6d3a50c61eb077a00ed582f1d84501e31f0e4e8dddc3d1474a5344db94b693

    SHA512

    ddf9f9e3813367194bc238754748886f5329a3d9e08888586e3e3198824cc5373d7fe39f50e7662472023c41215bc90b5dffdec5b18faa018cb14e12f4ce9403

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DABA17F5E36CBE65640DD2FE24F104E7

    Filesize

    276B

    MD5

    11bed2b51dca983b0cfa18588094cca2

    SHA1

    f2ee035278409730875d991672309a9bf4629952

    SHA256

    0d4c1b53da268ebb44e8d2e09192b4f2cef909c64cf3ccc1e507d9cf6fe3d98c

    SHA512

    5833f649a7688f62ade580b3bda47ef37d20898868c176b2a217c95431dbe6c1b8c85dcdc45733a31e6f056a60baeefc91efc7d26797624ab6faec4e1e02bded

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

    Filesize

    242B

    MD5

    9270cf68fab2c108a3937ec92b9b1cd9

    SHA1

    9df0f920d0087af7da8eb530e60228b62a455fc6

    SHA256

    1a48944cd30252cc7f3e2002231794d8822cc52892d6d66b4a3d6f1f18007214

    SHA512

    75c99096c145d0c4f94f05320586461c380f59691093faa76bf8f84a593974ac51daea52a561874cc17fe34bb6045275612a801e73f9b215af6e7427165c5cb9

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I1FOSLWJ\www.youtube[1].xml

    Filesize

    229B

    MD5

    e24af893addfd0a1d6796b1260d02eb6

    SHA1

    9451089d010ad64af61ea47e41ab52c8a31ddfb9

    SHA256

    530c0daec0545733b7066f7491d5807283ee0a601cb5ba7afc7658f3a23174ef

    SHA512

    5f431466434ec9fd869b92fde15e57d1cf9f4d825c7933b6dfcdbb5550481115aa3bd8ba3402ffd65bcd755ac34608f0454f8d04d6b13a73d0a7e25f63d6a6d0

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I1FOSLWJ\www.youtube[1].xml

    Filesize

    17KB

    MD5

    54e5070e237a18e7eaaa400356cfbfb0

    SHA1

    90f87aad23b5e70da67bcd1462dadd7a77f52f8e

    SHA256

    54eea59247625800810040e177773165d3a5f62983c341203ad9bb3810fe3fc3

    SHA512

    cd3bfc0ff88f524c61e174fedb31092b9a023bdcb4dfcb9c54b23167c94f6457f664277093a0660637a132018e6c119023ec95b8dec5fd22d95835bf6a24b562

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I1FOSLWJ\www.youtube[1].xml

    Filesize

    578B

    MD5

    5d42f547019afe48d6439a39a200d46a

    SHA1

    a44bb2d9607421acf6c183c8890f79aeea95df04

    SHA256

    680cc7002959fee59ec460ab7515b61c2e1939da66f663448543bc49227f6196

    SHA512

    31d424e96108a28b236cb48031ad0b68bcc057ef0623e21d9f08ee06edfc74f655834c405d47d03873a4e389190551f20de41979d3d65141b72309b1bedfd89a

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\I1FOSLWJ\www.youtube[1].xml

    Filesize

    578B

    MD5

    7f29cb4b6315484597c1cd5811898adb

    SHA1

    dac632be8c5f2368eda8c479a5b9ff8f154b39d4

    SHA256

    628973329ee65ccff1e60349e156cbc5ddc09ccb8f94e4aaba8455aad2501505

    SHA512

    74c83c7ea4e680bc2fbbe588ef1ceb4a88de3d089c0d758e53df30e2e01f1d5e7f856908b685180ee833b8898ad65c03df637556074cc38e526affe7d81e6a8d

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\XDRXLBL4\chatroll[1].xml

    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\melo7gx\imagestore.dat

    Filesize

    1KB

    MD5

    4f9071e13812de8580fd6cf11588b7fe

    SHA1

    1ceac34d33b6ef455b1e99bdf5bebd31b1d4e3f6

    SHA256

    d306f7453864a3de4343841435fec013758499bde8cdaf0fca5447d5cdfc9d74

    SHA512

    38e648af9520c3dc2e690f328c95aac9253d84c13e27d8d0d789df497b826bd04ab5b0c0984f53c6d97735e484b8d86b49fe03c7b3e3aaedf3ea8851f16e4915

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BCOPU31\favicon[1].ico

    Filesize

    1KB

    MD5

    871c1f2e03f0d59f06d5d5262ca7a337

    SHA1

    546bff947a8917533e8a0ec56c689bb364e0cd11

    SHA256

    2fa2f956b179e8c6009c18d6e25c7bdb2b9e946ab9a8df2f3ffe35dc7244d4d1

    SHA512

    f86d18613ee477dffc952a4a73ef85ae3a7e87c64b03a6a88723a7c1d938cbdb8c543775d1d3196d4cd0986dca02525b989b924a0f6898586f2e1aebda799422

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BCOPU31\fb[1].htm

    Filesize

    114B

    MD5

    e89f75f918dbdcee28604d4e09dd71d7

    SHA1

    f9d9055e9878723a12063b47d4a1a5f58c3eb1e9

    SHA256

    6dc9c7fc93bb488bb0520a6c780a8d3c0fb5486a4711aca49b4c53fac7393023

    SHA512

    8df0ab2e3679b64a6174deff4259ae5680f88e3ae307e0ea2dfff88ec4ba14f3477c9fe3a5aa5da3a8e857601170a5108ed75f6d6975958ac7a314e4a336aed0

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BCOPU31\platform[1].js

    Filesize

    62KB

    MD5

    78e3220eb2fca6a62ca8477767757151

    SHA1

    8bdbd661f5046a761fc1f24c3124851a15b66709

    SHA256

    975033c5186c254b228ab70f69b5c1529acc426cc34934422da20da93ebfc9f6

    SHA512

    6375ca8a2aa701d91d9b23edcced8f1900c6dd26a66b18fc6b3314591a6820e036738a87b290c000a8a82e4ffd9c57ffc3d536253ce3046420c201a26157fe1e

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8P9TO0C6\jquery.min[1].js

    Filesize

    89KB

    MD5

    a34f78c3aecd182144818eb4b7303fda

    SHA1

    6fca78dac2797c02d86a4bf6514eda398b7dbe62

    SHA256

    c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776

    SHA512

    ddec07100503fdad6655d4e90aaac246719e9667611b35b112e4694e2671b43f4c4ef0b87371d3a6e173f7ade9dfd2058e5e165a41c3a250007d49ec18f2419c

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUME8XYE\all[1].js

    Filesize

    3KB

    MD5

    4e09b86a0ff1648c90299e47b2ce3f2b

    SHA1

    7d2c9d4c41eb693a90ffe8c2a4b0a73064e71a2e

    SHA256

    05831d2fd3365adfac31b7874fbe22f1b6d38f7705ff33b01128f1aeb6046931

    SHA512

    8e19d88093a8a2a0c4bf5086c3f25b459fac528fb4887244b51dd3ad247a73668e369eb30c5c13fdee79298d006a95466d9353a16ab73c1d64a9db71a312788f

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NT668XG4\cb=gapi[1].js

    Filesize

    175KB

    MD5

    4b631ff88bd736ff7ee1d027c647d328

    SHA1

    0ccec46ba9b399fdde5cac07e68d87165a144ad4

    SHA256

    7d1ce7035000d38d825e3ee7cf8d8eb6971561154ff5d48fc3896523074a8601

    SHA512

    a3aee28a91b3cb5d9b1c99d0c4a51abdcae5fa486373de02233ea0b947aba3052c1cb44ee66cd92dc905680e5568232e1edc0608069cca94602748f406163087

  • C:\Users\Admin\AppData\Local\Temp\Cab3C18.tmp

    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

  • C:\Users\Admin\AppData\Local\Temp\Tar3C4A.tmp

    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.